NEWS FROM THE LAB - Friday, August 27, 2010

CPAlead Spam on YouTube Posted by Sean @ 20:22 GMT

One of our Safe and Savvy bloggers, Melody-Jane, recently asked me about some "free" offers for F-Secure Internet Security 2010 that she spotted on YouTube. She thought the videos, and their associated links, looked just a bit more than suspicious. So I decided to check them out.

What I discovered was Cost per action (CPA) spam. The same sort as I've recently been investigating on Facebook. (I'm really, REALLY beginning to hate this CPA stuff.)

This is what one of the typical videos looks like:

YouTube Spam

"Click the Link to Begin Your DOWNLOAD.......BEFORE IT'S REMOVED!!"

Too late. I've already reported the video to YouTube and Bit.ly abused their link within 30 minutes of my request. (Nice!)

Here's another example of a spam video.

YouTube Spam

As you can see, it isn't just our software that the spammer is trying to rip-off, he's offering many other AV products as well.

If you click on the link advertised in the video's description, you'll end up at a WordPress.org blog.

At which point you'll be presented with a CPA survey to "unlock the free content".

YouTube Spam

And what content do you get for your trouble when you fill out the survey?

A link to a torrent site… (jerk).

Downloading cracked software is typically a short path to malware. We don't recommend it (doesn't matter what software).

Be seeing you,