Spammers Targeting Kids Through Gaming Sites
Written by Jeff Orloff on January 23, 2012
Most adults are well aware of spam. Having encountered email spam since the early days, it is safe to say that many people over the age of 20 have at one time or another been educated, trained or have experience with regard to identifying spam and how to deal with it.
Spammers, always trying to stay one step ahead of the game, realize this. They know full well that businesses conduct trainings for their employees, IT departments spend thousands of dollars on spam filtering technologies and many of their intended victims have just grown wise to their methods over the course of time.
So, like any good criminal would, spammers have adapted.
Over the years they have ventured out into other avenues in which to launch their attacks using social media, text messaging services and even the content used by websites has become a method for spammers to advertise their products.
However now spammers have not only changed how they attack their victims, but they have changed the victims themselves.
More Spam Targeted At Children
Children have always been the indirect casualty of spam since the day they sign up for their first email account. Once that address is captured by a spammer’s list they will most assuredly start receiving ads for pharmaceuticals, financial help and even mail order brides.
But for quite some time their receipt of these messages was based on mere coincidence. Their email address was caught in the cross-fire.
Spammers didn’t target them directly because the messages sent to them were essentially worthless. Most 13 year olds weren’t looking to get out of debt or interested in meeting singles in their area (over the age of 18 that is).
But that has all started to change.
Spam itself has changed as well. Sure there are still enough email messages pleading for your assistance moving money out of a war torn nation, but for the most part this type of spam has slowed down. Taking its place are phishing scams and the delivery of malware. And both are much more dangerous than the Nigerian prince hoax.
Children Are Easier Targets
Children may be more adept at using technology than their parents, but they are still kids. And what is one thing that kids love to do on the computer? Play games.
Of course, this quickly became a breeding ground for spammers.
Spammers can easily target the email addresses of younger Internet surfers to advertise fun, arcade style web sites that specifically appeal to children. Clicking on the link provided in the spam email takes the eager-eyed kid directly to a site where they can choose from hundreds of online games to play.
By infecting the website with malware spammers have found that they can easily attract thousands of visitors who are far less skeptical and much more willing to click a link or download a file if it means that they can soon have access to a wealth of games to keep them occupied.
So bad is the problem that some security firms report that there are more than 60 arcade game sites that contain malicious software aimed at children. Some of these sites were designed specifically to serve malware and others are the unknowing victims of cybercriminals who have injected the malicious code into a perfectly legitimate web site.
Why Kids?
If kids don’t have the money to fork over to the spammers, then why have they become the targets of these attacks?
Because it gives the criminal easier access to their parents information and data.
Since most children share a computer with other family members, spammers have picked up on the fact that by tricking little Johnny or little Sally into downloading a keystroke logger through their site, they can have complete access to any information their parents may have there.
Taking it one step further, by requiring a credit card to access premium content or to purchase additional game features, scammers can easily capture thousands of freshly validated card numbers from parents who allow their children to make these purchases online.
Unfortunately, education doesn’t really work as well with kids as it does with adults. Adults quickly see the ramifications of spam and avoid it. Children, on the other hand, are much more impulsive thus, clicking on a link that promises fun outweighs the risks.
To fight this trend it is going to take vigilance on the part of parents to stay on top of their children’s Internet activities and the implementation of the right technologies to help keep kids off of sites that pose such a risk.
Loading ...
This is the reason why I’m against websites and portals that don’t have any means of verifying their users are at least 12 or 13 years old. Take for instance Facebook. According to the company’s official policy, no one should be allowed to register and use Facebook if they are below 13 years old. You can see the details here: https://www.facebook.com/help/parents
However, I have tons of friends and co-workers who let their children below 13 years old use Facebook. Most don’t have their parents’ permissions. Aside from crowd-sourcing data or reports from other users, Facebook does not have any means of verifying their users’ age. This is also one of Myspace’s downfall. The said social media website became a haven of child molesters.
I don’t think that it’s worth educating children about spam much more than “don’t open emails from people you don’t know” which falls right in line with not talking to strangers.
More importantly, you just need to make sure that as parents you know where your children are going and can determine whether or not the sites they use are safe. Also, having adequate protection installed for the inevitable unsupervised browsing is a must.
Kids are more vulnerable than an educated adult but don’t forget that many kids have IT skills and know more about the Web and its dangers than the majority of adult users. Still, it is low to target children but if parents teach children once not to trust everything and everybody online, children aren’t easier victims.