As the web becomes more social, the usual bullshit scams, deceit and outright lies have to run the gauntlet of a thousand million eye balls. But like all good pathogens, new vectors for infection must and will be found — but at one what cost to the host?
Between 1348-49, England was besieged by an invader that took no prisoners, killing all in its path, be they young children, women, or the old. This accursed marauder was responsible for the deaths of almost 70% of England’s population, some estimates placing that figure at around 5 million people.
The enemy wasn’t a race of people, but a species of bacterium called Yersinia pestis, otherwise known as Black Death. Theories vary, but one concerns a benign origin for Yersinia pestis, in countries with warmer climates and people wearing less clothing. Here, transmission is as simple as skin-to-skin contact. However, in the more temperate north, we wear more clothes, which reduces direct skin contact. A new approach is required. And to be sure of infecting the host, the bacteria had to be more potent.
Does this all sound familiar? Of course it does. Humans are ingenious, but for the most part, we merely ape what Mother Nature has since perfected; a biological arms race.
In our world, such examples can be found in advertising: whereby advertisers have to find newer and more innovative ways of reaching the ever-increasing disinterested masses; and the battle between computer virus writers and anti-virus software developers.
From disease to direct message
Only recently, Twitter was the subject of a social scam that involved one person’s profile being compromised, which then sent out a direct message to their followers, encouraging them to click on a link, taking them to a website, asking them to enter their username & password .. and so on and so forth.
These scams can be, predictably, rather successful. However, because Twitter is a social network populated with plenty of tech’ savvy people, the message got around even more quickly and the whole thing died off.
This begs a very important question: what if this social scam had started on MySpace? Where the savviness of your average member is a degree or two lower.
What we do know is, social scams have traction, because certain tricks will always work. But because people are now able to react quickly, the amount of time these scammers have to hit pay dirt is substantially less.
As luck (or should I say, bad luck) would have it, Google’s Gmail service encountered serious problems earlier today, which sent ripples of displeasure and frustration throughout the world. However, one man’s misfortune is often another man’s gain. In this case, while Google dealt with their Gmail outage, someone created a Google Group for porno:
“… someone hacked the created a Google Groups page on Gmail (link NSFW) at the worst possible time, adding images that leave nothing to the imagination as well links to adult content elsewhere on the net on top of the page … this is not an official Google group but a user-generated one most likely deliberately set up now to take advantage of the fact Google has other things on its mind right now than checking up and moderating new groups on the subject of Gmail.”
This is opportunism at its very best. With every Gmail user in a blind panic, many would have gone in search of an update on Google. So what’s the most common search term likely to be? “Gmail down”, which happened to be the title of our porn-infested Google Group. Genius.
The evolution of the social exploit
The next logical step is for someone to emulate the Twitter scam, but sending out links to websites full of advertising. Doing this on a large enough scale would reap serious rewards, within the short time before word got out.
But let’s step a little further into the future, to a point where the amount of time the scammers have available to them is even shorter. Here’s where they need to make money faster. The benign infection must now work harder and become more virulent and possibly more harmful.
We already have many thousands of PCs that are infected, acting as invisible armies, armed and ready to attack servers anywhere in the world. So the stage is certainly set and all the players are in place.
If the means to prevent a social scam is our ability to communicate the source and nature of the attack via our social network, might these standing armies of “zombie” PCs be used to attack and then compromise the social network itself, controlling the ebb & flow of the very information we’re using to disrupt the attack?
Who knows. But what we also know is, as quickly as the diseased social scammers score their success, the collective host will react with equal or greater force to repel the next attack…