Social entertainment applications require users to gather a considerable number of friends and supporters to play the same game, leading to player-development of social gaming channels, groups and fan pages to facilitate player interaction.

According to BitDefender data, the social networking site Facebook had at the end of January 2010 around 350 million users globally. The most popular game on Facebook is Farmville.

Spammers and phishers exploit the increasing trend of social gaming with fake profiles and bots that send spam messages to groups, as the BitDefender case study presented at the MIT Spam Conference shows. Unlike the regular social networking spam, when the users are enticed to add the spammer in their circle of friends, the social gaming-related phony profiles are willingly added by the users as an immediate consequence of their interest in enlarging the supportive players’ community. This makes it almost impossible for the bogus accounts to be automatically suspended, since the spammers’ action does not constitute an abuse.

The most successful fake accounts are those miming real profiles, which hold plenty of details and pictures of the “user.” In an acceptance experiment, BitDefender researchers created three honeypot profiles – one without any picture and holding few details, another with an image and limited information and a third with a large amount of data and photos. All three profiles where subscribed to general interest groups. One hour after adding people to each profile, the circle of friends enlarged with 23 connections for the first profile, 47 for the second profile and 53 for the third profile.

After joining social games groups, the volume of users willing to add unknown people drastically increased. Within 24 hours, 85 users accepted a request from the first profile, 108 from the second and 111 from the third.




“Users are more likely to accept spammers in their friends list when they are in a social network than in any other online communication environment,” said George Petre, BitDefender threat intelligence team leader and author of the case study.

The security implications are numerous, ranging from the consolidation and increase of the spamming power, data and ID theft, accounts hijacking to malware dissemination. A shortened URL posted without any explanation on each honeypot profile was followed by 24 percent of the friends from the three accounts, even if they did not know who posted it and where was going.

Even if this scenario the user is a familiar with e-mail spam campaigns, this particular situation presents some distinctive features. The users are more willing to add a spammer to their profiles if the spammer’s profile has photos and details and click on the links provided by the certain account. While users view e-mail as a traditional malware contamination venue, social networking sites are seen as a source of entertainment and the users don’t pay too much attention to security threats and easily fall victims to spam attacks.


“This fact brings spam and social engineering schemes closer to the user than any e-mail spam or online scam. Moreover, we have seen that in a social applications environment, users can easily be tricked to add spammers to their profile. Thus, we recommend social gaming aficionados use extreme caution before enlarging their circle of friends,” Petre added.