• by Laurie Sullivan  @lauriesullivan, January 20, 2009

Social network and media sites that either sell ad space through third-party networks or allow consumers to upload videos on their servers need to remain vigilant about the content running across their networks, several online security experts warn.

Banner ads, video content and fake social network profiles have become the pipeline for stealing personal information as more consumers jump online. In the past year, ads on highly trafficked Web sites such as Expedia, Rhapsody, Blick and MySpace have triggered malware downloads. Most of the malware is distributed through pop-up ads, and not all of them require a click.

David Perry, global director of education at Trend Micro, a Cupertino, Calif.-based computer antivirus software company, said it's important to know the type of security software that third-party ad networks and sites run. Providing one example, he said pop-up ads for Anti Virus 2009, still in circulation, continue to promote software from a fake anti-malware company. "The problem is, the bad guys don't have to create fake ads anymore if they are good enough," he said, explaining they can infect legitimate ads on commercial Web pages, too.

For instance, an online travel agency that rented parts of their online page as a method to generate revenue never suspected hackers would use it to steal information from consumers. The way it worked was a company rented ad space from the travel agent through a third-party ad network. It began serving up legitimate shockwave ads that eventually rotated to those containing malware and rogue antivirus software that installed keyloggers on the consumers' machines.

The challenge is for legitimate sites that host banner ads to ensure that part of their agreement backend systems include continuing to vet the posted content, said Jamz Yaneza, Trend Micro senior threat analyst. In this case, failing to do so resulted in malicious click-throughs to hosted malware.

Hackers also recently seeded LinkedIn, Twitter and the Barack Obama campaign Web site with fake profiles and pages infected with malware. In fact, unbeknownst to consumers, many social networks are home to fake links that lead to sites infected with malware. "We have seen cases where bad guys set up fake social network profiles and then establish connections with friends on buddy lists to gain more information through phishing attacks," said Paul Wood, senior analyst at MessageLabs, Gloucester, United Kingdom.

Woods said there was also an increase in spam during the holidays as the global credit crisis hooked people into falling for email offers they might not have in the past. "People falling on difficult times are more inclined to look at these online offers," he said. "In one week at the end of December 2007, only around 2% of spam fell in this category. In the first week in January 2008, it rose about 1%. Compare this with the end of 2008 and the first week in this year, and those numbers rose to 4.2% and 10.2%, respectively."