Posts Tagged ‘infected webpage’

Malware and Internet Marketing Methods

Everyone knows that in order to be successful online you have to have visitors and buyers – makes sense, right?

In working toward getting this site more visitors and thus more buyers (clients) I’ve studied many of the methods that some of the top Internet Marketing people have promoted. Building a community of readers is one way of getting and keeping visitors.

People like Frank Kern, Jeff Walker and many others promote using Web 2.0 to promote your site. They recommend and use sites like Twitter and Facebook. I’ll admit to having an account on both sites and I try to make some worthy posts on both; however, the security gnome inside me keeps wondering how safe these sites are. Okay, there’s no wondering, I know how safe they aren’t.

I personally know of many people who have been burned by fake emails purporting to be from someone they know, or someone who found them on Facebook, telling them to view a video online or view a document online only to fall victim to this social engineering tactic and become infected. When you see the number of infected websites that I see every day, you might be less likely to just click on any website.

For instance, Twitter has a message size limit of 141 characters. Many people will post a link when they “Tweet” (ugh!). Oftentimes, I’ve seen postings that use tinyurls. This is a service that turns a very long URL into a shortened one pointing at www.tinyurl.com, which then redirects you to the original link. Any cybercriminal could use this same service (and has) to mask their intended infectious website.

You see, cybercriminals are extremely intelligent and crafty. They go where the masses go. If everyone’s going to Facebook, cybercriminals will be all over that site trying to find ways to use Facebook’s strengths to exploit the weakest link in any security strategy – human curiosity. I’ve seen emails with wording like, “Unless you really need to (fill in the blank), please don’t click on this link as we can only handle a certain amount of traffic.” And I’m sure they get a lot of people clicking on that link just because they want to know what’s on the other side.

I can’t emphasize it enough. You have to be wary of every email you get that looks like it’s from some social networking site. Every email.

While I agree with Frank Kern and Jeff Walker about using Web 2.0 tools to promote your site, I also worry about all those unsuspecting Internet Marketing rookies that will undoubtedly fall victim to some scam running on one of those sites.

Back in December 2008, Facebook users were subjected to the Koobface worm. This worm infected many by sending bogus emails to Facebook users taunting them with subject lines like: “Check you out in this video”. When the user clicks on the link in the email, they’re either redirected to a malware delivery site, or told they need to download a file in order to view the video. The file downloaded is the infection.

Many Facebook walls had these same malicious links posted so anyone who visited that person’s profile would at least be presented with the infectious offering.

In January of 2009, users of the social networking site LinkedIn were subjected to bogus profiles of some top name celebrities. Names such as: Beyonce Knowles, Victoria Beckham, Christina Ricci, Kirsten Dunst, Salma Hayek and Kate Hudson were among the list of stars with bogus profiles. People clicking on these sites were offered various temptations – each one an infectious present.

Anyone else have any stories about someone falling victim to a social networking, socially engineered attack?

Leave a comment if you have one.

Halloween Costumes and SEO

Not to be left out of the upcoming festivities, hackers are using SEO to infect more people with their fake Anti-virus programs.

For the past week we’ve been monitoring 2 current events – Halloween and the financial crisis.

What we’ve seen is that hackers are infecting legitimate websites that show up in the SERPs when “halloween costume” is the search term. Their infection includes some JavaScript that does a silent redirect to one of their websites which falsely shows the visitor that their computer might be infected and they should download “their” anti-virus software to improve the speed of the visitor’s computer.

The thing is, the infection of the legitimate website is a silent redirect that actually includes the keywords optimized for high SE rankings. So the hacker is actually making the infected webpage rank higher in the search engines. They actually use common SEO techniques to attract more people to their infectious webpages.

Another thing we’ve seen, and which has been confirmed by Panda Labs, is the correlation between down days in the stock market and the amount of new malware released. As the market dips, the number of infectious files increases. We’ve been noticing this on our honeypots (computers we leave open on the Internet hoping they’ll get infected so we can further analyze the infection).

This kind of runs parallel with the halloween costume scenario. What the hackers are doing during the dips in the market is making “available” their rogue (read fake) anti-malware software via various infected webpages.

Instead of going after banking logins and other such useful information they’re (the hackers) interested in “legitimizing” their business by selling their rogue anti-malware. First they have to convince the visitor that their computer is infected, then they offer an immediate solution.

Ingenious!

Following standard marketing strategies, the hackers are actually making the visitor aware of a need and then offering a quick solution – for $60.

According to Panda Labs, they estimate that this marketing strategy has made the hackers approximately $14 million a month. I’m not sure I follow their math, but regardless, the hackers are making money.

I believe that the financial crisis is creating more fear about identity theft and therefore making this strategy more effective during the down cycles in the market.

Just so you know, our honeypots are fed popular keywords based on current events and then they visit the resulting webpages, record the activity and that’s what we base our information on.

It’s a fun way of spying on the hackers and it’s what we use in our security appliance “The Box” to blacklist websites and malicious code. It’s what we use in WeWatchYourWebsite to find malicious code. We then search all of our clients’ websites looking for this malicious code. If any is found, we alert them immediately.
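A site owner can run a similar check on their own pages. The sketch below is an added example, not the code behind "The Box" or WeWatchYourWebsite: it pulls inline script bodies out of a page and reports redirects that leave the page's own host, marking any that are on a blacklist. The function and class names, the sample page and the `.example` hosts are all constructed for illustration, and only string-literal redirect targets are caught, so obfuscated script needs more than this.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assignments and calls that navigate the browser without a click (not exhaustive).
REDIRECT_RE = re.compile(
    r"""location(?:\.href)?\s*=\s*["']([^"']+)["']"""
    r"""|location\.(?:replace|assign)\(\s*["']([^"']+)["']""",
    re.I)

# Constructed sample: a keyword-stuffed page with an injected inline script.
SAMPLE_HTML = """<html><head><title>Halloween costume ideas</title></head>
<body><p>halloween costume cheap halloween costume kids halloween costume</p>
<script>window.location.href = "http://fake-av-scan.example/alert";</script>
<script>if (location.href == "http://shop.example/") { location.replace("/home"); }</script>
</body></html>"""

class InlineScriptRedirects(HTMLParser):
    """Collects string-literal redirect targets found in inline <script> bodies."""

    def __init__(self):
        super().__init__()
        self.in_script = False
        self.targets = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        if self.in_script:
            for m in REDIRECT_RE.finditer(data):
                self.targets.append(m.group(1) or m.group(2))

def scan_page(page_url, html, blacklist=frozenset()):
    """Return (host, blacklisted) for each script redirect that leaves the page's host."""
    own_host = urlparse(page_url).hostname
    parser = InlineScriptRedirects()
    parser.feed(html)
    parser.close()
    hosts = (urlparse(t).hostname for t in parser.targets)
    return [(h, h in blacklist) for h in hosts if h and h != own_host]

if __name__ == "__main__":
    print(scan_page("http://shop.example/halloween", SAMPLE_HTML, {"fake-av-scan.example"}))
```

The same-site `location.replace("/home")` and the `==` comparison in the second script are not reported; only the off-site navigation is.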

Be careful out there. It’s getting real nasty.