In the latest Snapchat spam developments, an increasing number of the photo-sharing app’s users have been sending out spam pictures of fruits or fruit-based drinks to their contacts, which directs them to websites called “Frootsnap” and “Snapfroot”.
Figure 1. Fruit spam on Snapchat
While Symantec has been tracking Snapchat spam for months, this is the first case in which the spam does not originate from fake accounts, but those belonging to real users. These accounts have been compromised to push diet spam.
Instagram users might recall similar campaign last summer, where a number of accounts were compromised to post similar images and messages, extolling the virtues of a miracle diet fruit.
Snapchat users visiting the websites frootsnap.com or snapfroot.com will be redirected to a fake page which has copied the template similar to a Groupon deal website. The page also claims to offer a free 30-day supply of a weight-loss supplement, commonly referred to as diet pill spam.
Figure 2. Website claims to offer weight-loss supplements
The site has no affiliation with Groupon, but uses its likeness to make the offer seem legitimate. If users try to redeem these free pills, they are redirected to a secondary site called securehlthbuyer.com. This site has been associated with securebuyerpath2.com, which has received complaints about excessive charges.
As of now, Symantec does not know how the legitimate accounts were compromised. We reached out to Snapchat before this blog was published to assist them in their investigation, and while we continue to work with them, they provided us with the following statement:
“Yesterday a small number of our users experienced a spam incident where unwanted photos were sent from their accounts. Our security team deployed additional measures to secure accounts. We recommend using unique and strong passwords to prevent abuse.”
We also came across reports of Snapchat users deleting the app from their phone hoping the spam messages would cease. However, this will not stop the spam. If your account has been caught sending out these spam messages, the best thing to do is to change your password immediately.
Figure 3. How to change your Snapchat password
You can change your Snapchat password through the Snapchat web form or through the application itself, by navigating to the Support section under Settings, as shown in Figure 3.