Scams Attacking iTunes New Ping Social Network
Spammers are already taking advantage of Apple's new iTunes social network Ping to launch survey scams. Ping is being hit with scams and spam messages, with some attempting to dupe users into wasting their time completing online surveys with the false promise of receiving a free iPhone in return for their efforts.
Ping allows users to share the music they're listening to with friends, showcase their favorite artists and albums with friends and follow their favorite artists. Artists and musicians themselves can post updates to keep their fanbase informed, as well -- and this is where the spam started, according to Bradley Anstis, VP of Technology Strategy at M86 Security.
Within 48 hours of the service being launched, we noticed an uptick in spam/scams similar to campaigns targeting users of other social networks such as Twitter and Facebook, said Anstis.
Users can create accounts on Ping without submitting any credit card information , making it easy for users to create fake accounts. With these fake accounts, spammers are able to post comments on the artists' profiles with links that were unclickable but discernable as URLs.
Most of the links we observed were to surveys, which would be used to harvest personal information from users in exchange for the promise of an iPhone 4 or iPad, explained Anstis. Even though most were scam links, there was nothing stopping spammers from posting links to rogue anti-virus or any other drive-by downloads of malware.
One way users can protect themselves from an attack is to make sure all of their software applications are up-to-date. For example, the iTunes 10 update that boasts the Ping social network and enhancements for the new line of iPod products, also addresses multiple vulnerabilities that impacted users of iTunes in the previous version 9.2.1.
Another way to protect oneself is to avoid clicking unverified links . The idea of getting an expensive, brand new Apple product may sound enticing, but Anstis warns people to not believe everything they read, even if the message is coming from a trusted source.
There's no such thing as a free lunch, he said, and there's no such thing as a free iPad or iPhone 4.