Breaking Bad(ware): Micro-targeting hits the spam world

Why spammers want to know all about your TV-viewing obsessions.

If you grew up, like I did, during the 1970s and 80s, you can remember the heyday of broadcast television, when big, televised events attained mass-culture status. Forget about the Superbowl. What about the final episode of M.A.S.H in 1983 when an astounding 60% of households in the U.S. (125 million viewers) tuned in?

That kind of thing rarely happens anymore. In fact, of the 25 most-viewed television episodes, only three aired within the last decade, and none within the last five years. That reflects the reality of TV viewing (and most other forms of consumption): audiences are becoming smaller and more fragmented. John Q. Public is dead. Increasingly, we are the sum of our niche interests, whether they be fantasy (the HBO series "Game of Thrones,"), sports ("fantasy football"), Edwardian drama ("Downton Abbey") or… zombies ("Walking Dead").

Cyber criminals know this better than anyone. The best articulation of that is so-called "watering hole" attacks, in which sophisticated hackers compromise a web site that is frequented by the individuals who are their real target. That's why problems like spam haven't gone away – they've just changed with the times. The latest evidence of this comes by way of the security firm Symantec Corp., which warned last week that affiliate marketing spammers had jumped on the popularity of the penultimate episode of the AMC show Breaking Bad, peppering Twitter lists of Breaking Bad fans with links purporting to be "leaked" versions of the final episode of the show.

Folks who followed the links were required to run a gauntlet of third party web sites (thus generating cash for the spammers) and offers to install useless adware, only to wind up in possession of an older, already released episode of the show. Great. Symantec points out that spammers are playing on fans enthusiasm for the show –"riding the coattails of the show's popularity in an attempt to trick users into downloading a leaked copy of the next episode." Twitter list spam is a great way to do this – allowing spammers to insert malicious links into a near-realtime, online conversation among viewers of the show.

What's interesting is that Breaking Bad isn't even close to the most watched show on TV. The show's premiere episode this season drew a mere 5.9 million viewers – its best showing ever, but not even close to a top rated show. By comparison, CBS's Survivor: Philippines drew 11.9 million viewers to become part of a three way tie for 24th place on the 2012-2013 season. (And "yes," they still make those "Survivor" shows.) The top ranked show, CBS's NCIS, drew 21.9 million viewers – almost four times Breaking Bad's audience. What's more interesting to scammers, however, is the engagement among the show's following. As this New York Times piece notes, the season-opener generated 750,000 messages on Twitter – those posts are a gold mine of data for scammers: revealing both an online account belonging to a real human being and a bit about that person's interests.

Twitter is hardly the only social media outlet that spammers have figured out how to leverage in their search for potential victims. Recent work published by Italian researchers found that Facebook fan pages have become a huge source of revenue for spammers, with spam links on popular Facebook pages generating an estimated $200 million in revenue annually.

With scammers leveraging many of the same micro-targeting technologies and platforms other online marketers, what's to be done? That's hard to say. As prevalent as the malicious activity is, it is merely background noise to the huge volume of legitimate traffic and activity that takes place on a daily basis. And the line between legitimate "sharing" and illegitimate "spamming" can be difficult to discern, unless users call the attention to the problem. Often, spammy offers such as links to "free iPhones," bogus surveys or eye-grabbing articles "Signs that you have cancer…" just get ignored. Beyond that, social media platforms often generate revenue from the malicious activity. "Facebook doesn't ban us, simply because we generate the content on Facebook itself," one of the spammers told the Italian researchers. "Without the fan pages Facebook would be an empty place. Tell me how many links do you see shared by your friends on your timeline everyday?"

 In other words: what's the difference between a spammer and an enthusiastic user of Facebook, Twitter, Instagram or any other social media platform – especially as those platforms look for more and more ways to monetize the activity of their users.

ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon