SAN FRANCISCO — It used to be that computer viruses attacked only your hard drive. Now they attack your dignity.
Malicious programs are rampaging through Web sites like Facebook and Twitter, spreading themselves by taking over people's accounts and sending out messages to all of their friends and followers. The result is people inadvertently telling their co-workers and loved ones how to raise their IQs, make money instantly on Google or watch an awesome new video in which they star.
"I wonder what people are thinking of me right now?" said Matt Marquess, an employee at a San Francisco public relations firm whose Twitter account was hijacked recently, showering his followers with messages that appeared to offer a $500 gift card to Victoria's Secret.
The humiliation sown by these attacks is just collateral damage. In most cases, the perpetrators are hoping to profit from the referral fees they get for directing people to sketchy e-commerce sites.
In other words, even the crooks are on social networks now — because millions of tightly connected potential victims are just waiting for them there.
Often the victims lose control of their accounts after clicking on a link "sent" by a friend. In other cases, the bad guys apparently scan for accounts with easily guessable passwords. (Marquess gamely confesses that his password at the time was "abc123.")
Social networks have become prime targets of malware creators for good reason, security experts say. People implicitly trust the messages they receive from friends and are inclined to overlook the fact that, say, their cousin from Ohio is extremely unlikely to have caught them on a hidden Web cam.
Sophos, a Web security firm, says that 21 percent of Web users report that they have been a target of malware on social networks. Kaspersky Labs, a Russian security firm, says that on some days one in 500 links on Twitter point to bad sites that can infect an inadequately protected computer with more traditional hard-drive-jamming viruses. Kaspersky says many more links are purely spam, frequently leading to dating sites that pay referral fees for traffic.
