Apple Ping Hit By Facebook Scam

Welcome to the club, after Apple’s new iTunes social network Ping was hit by similar scams that affects other social networking sites.

Ping launched 1 September with the goal of creating a social network for the more than 160 million users of iTunes. However according to Sophos, the service has been hit with a barrage of scams and spam messages in the days since the launch, including some seeking to get users to fill out online surveys in exchange for a free iPhone.

Survey Scams

“We’re used to survey scams like this being spread far and wide via sites like Facebook, but clearly the lack of filtering on Ping is making it a brand new playground for the bad guys to operate in,” said Graham Cluley, senior technology consultant for Sophos, in a statement.

“It’s ironic that the most common scams on Ping right now revolve around Apple’s own iPhone. It’s safe to assume that Ping does incorporate some rudimentary filtering to prevent offensive messages from being posted, so hopefully Apple’s security team can extend this to also block scam messages and malicious links. In the meantime, though, Ping users should be wary of believing what they read on the new service,” he said.

The prospect of spammers using social networks is hardly new. In fact, Sophos published research earlier this year that showed a 70 percent increase in the number of users reporting spam and malware being spread via social networks. Much of the survey spam is nearly identical to scams seen on Facebook, Google and Twitter, Sophos senior security adviser Chet Wisniewski blogged.

Spam Goes Web 2.0

“Most of the security industry has been pointing out the migration of spam from an email-only venture to blog/forum comments, Facebook, Twitter and other Web 2.0 platforms,” blogged Wisniewski. “But apparently Apple didn’t consider this when designing Ping, as the service implements no spam or URL filtering.”

“As more companies jump on the social networking bandwagon they must think carefully about what they are going to do to make their communities a safe place for users to hang out,” Cluley added. “If they’re complacent about these sorts of security risks then users may end up voting with their feet, and find a safer place to spend their online time.”