Over the past week, users of the photo messaging application Snapchat have seen an increase in the number of spam snaps (Snapchat pictures). The service is now being infiltrated by a myriad of fake accounts sending spam snaps of topless women.
Figure 1. Spam accounts on Snapchat
Snapchat users are currently receiving requests from accounts named similarly, using the following format: “[GIRL’S NAME]snap_####”. Each request features a pending snap from these spam accounts. Despite the app offering
privacy settings to only allow snaps from friends, users can still receive add requests from unknown users. Some Snapchat users we spoke to have noticed an increase in these requests over the last week.
Figure 2. An example of a spam snap with a topless woman
If a user accepts one of these requests, they will receive a spam snap of a nude woman. While the photo may vary, each snap includes the caption, “Add me on KIK for nudes swap ;)” along with a username on Kik Messenger, an instant messaging application for mobile devices.
Moving to Kik Messenger gives spammers the opportunity to leverage porn bots, fake accounts that engage with users by using a predefined script that promises more nude photos.
The porn bot offers more nude photos, but only if the user clicks on a link to install a mobile application first. To make sure the user installs the application, the bot requires proof and requests a screenshot from the app before sending more nude photos.
Figure 3. An example of a porn bot on Kik Messenger
If a user clicks on the link, a series of redirects occurs through affiliate programs, leading to games hosted on Apple’s iOS app store or the Google Play store. We have found that reviews of one of the applications mention the spam from Snapchat.
Figure 4. App store review highlighting Snapchat spam
The way these spammers make money is through affiliate programs that pay for each successful installation. This is why porn bots ask for proof of installation in the chat script. From our research, there were at least 30,000 clicks through multiple short URLs, though this number may be higher when considering that there could be multiple campaigns with different short URLs in operation.
As we’ve highlighted in
previous examples, once a service becomes popular, the spammers are never far behind. With 350 million messages
sent on Snapchat on a daily basis, it is no surprise that spammers have honed in on the service.
Other than porn spam, Snapchat users are also being targeted by a new campaign that uses a “secret admirer” lure in order to direct them to a website called SnapCrush. This website harvests usernames and directs users through a similar chain of affiliate programs with the same intention: to convince users to install a mobile application.
Figure 5. A new spam campaign on Snapchat
Currently, there is no way for Snapchat users to report these accounts as spam within the application itself. For now, users can report spam accounts to the service through the
Report Spam section of the Snapchat support site.
