Feeds

Spammers latch onto Ping to pump iPhone survey scams

Quick off the mark

Security for virtualized datacentres

Spammers have been quick off the mark in exploiting Apple's new iTunes social network to punt survey scams.

Ping only launched on Wednesday but is already being deluged with scams and spam messages, some attempting to dupe surfers into wasting their time completing online surveys under the false promise that they stand a chance of receiving a free iPhone in return for their efforts.

The service, built into the latest version of iTunes, gives users the ability to build networks of friends and share musical tastes or make suggestions. It also allows users to post comments, a facility spammers have been quick to latch onto and exploit for their own nefarious purposes.

Survey scams have become endemic on Facebook over recent months. A lack of filtering on Ping means the fraudsters have gained a new forum through which to peddle scams, net security firm Sophos warns.

"Most of the security industry has been pointing out the migration of spam from an email-only venture to blog/forum comments, Facebook, Twitter and other Web 2.0 platforms," writes Chester Wisniewski of Sophos. "But apparently Apple didn't consider this when designing Ping, as the service implements no spam or URL filtering. It is no big shock that less than 24 hours after launch, Ping is drowning in scams and spams."

Oddly, Apple seems to have anticipated a certain degree of mischief, since uploaded profile pictures only appear after approval, a move designed to prevent Ping plumbing the mucky depths of Chatroulette. Apple is likely to be filtering out other forms of offensive content, and these might be tweaks to block spam, according to Wisniewski. In the meantime, Ping users are advised to be wary, especially about suspiciously generous offers.

More details of the Ping spam attacks, including screenshots, can be found in a write-up here. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.