Friday, June 05, 2009

Tagged Photos: Phishing Fraud



WARNING: Photo File Sharing Fraud!

I just got 'tagged' and sorry, friends, I fell for it, too!

So, how does this work? Basically, a marketer looking to promote something tags a photo with several of their most influential friends' names. Those "friends" aren't necessarily supporting the given cause, they've just had their name hijacked for this purpose. That tagged photo ends up in the facebook, or blogger news feeds of the friends and their address books for...in my case...gmail.

So, like a lot of you...I received an email from a friend..or two, or three...asking me to view their photos. And like a lot of you, I thought...how sweet, she tooks some photos and is sharing them. WRONG! We were all in each others mail boxes, so when you emailed me and I clicked to view, I'm suddenly part of the food chain ;)

After people click through to view the 'photos' they've been 'sent', they discover that just as with most snapshot type photo services, you have to 'join' to view your friends photos. Dang...I did. Just as I have for real photos from friends in the past.

Only, in this case....it's not actually a picture album of their friend at all! And it instantly tags into your own address list and mails outs 'invitations' to your friends. Since my friends in this account are all quilters...several of us got 'tagged' at once and then we knew something was wrong!

For the marketer, this is an quick way to quickly push a message to wide group of people. Tag 20 friends, and through the friend-of-a-friend (FOAF) network, you could easily reach thousands.

Tagged.com is a social networking site with numerous consumer complaints already lodged against it and thus, is now regarded as a phishing and spamming site by consumer anti-fraud advocates. It was co-founded by Harvard graduates and entrepreneurs Greg Tseng and Johann Schleier-Smith. Launched in October 2004 by Tagged Inc. and privately owned, Tagged Inc. has raised $7 million in funding, from Silicon Valley venture capital firm Mayfield Fund . The site allows its users to build and customize profiles, send messages, leave comments, post bulletins, customize status, browse photos, watch videos, play games, give gifts, give tags, chat and' make friends.'

In June 2009, TechCrunch ranked Tagged as the 6th most valuable social networking site in the world with estimated valuation up to $920,000,000.Tagged provides a feature whereby users are invited to provide it with their email username and password, and it will then (without our permission or knowledte) check all of our email address books for contacts and repeatedly send email invites to people who are not yet on Tagged, claiming that they have been "added as a friend" or had photos of them tagged.

In March 2008 Microsoft announced a commercial partnership with social networking sites Tagged, Facebook, LinkedIn, Bebo, and hi5 regarding email contacts APIs which has since been implemented.

Prior to Tagged, Greg Tseng was Co-Founder and CEO of Internet incubator Jumpstart Technologies. In March 2006, Jumpstart Technologies settled with the FTC on alleged violations of the CAN-SPAM Act, which included a $900,000 fine, but no admission of guilt.

Tagged is known for a major lack of spam guards in user profiles, thus allowing users journals to be hijacked and repetitive messages of spam be posted.

The Photo album feature currently being used as spam invitations is extremely popular and profitable for them as phishers. Photo albums are an ideal vehicle for marketers for three reasons. We love them and like to view them, so its easy to 'click' to view them. There in this huge take-off on other names then for the marketer and any message put into photos has a strange automatic relevance because it is attached to the name of a friend. Finally, there is a huge curiosity factor as to why a friend is sending us the photos.

What's worse is that 'we' look like we are personally inviting people to view our photos. I kept pushing 'clear all' and still couldn't get out, fast enough.

So, if you got an 'invitation to view photos' from 'me'. It wasn't me. Well, it looked like me, acted like me, had my gmail address list of quilting friends. But it was that other me...the one that gets me into trouble because she opens her mail and wants to see your photo.

So, don't open any mail that says "TAGGED"...that's not from me, nor is it from my 150 quilting friends to their thousands and thousands of friends. It's a fraud! A trick! and A Nuisance to back out of!

If you fall for it, as so many of us have, go into your 'account' look for the delete account button near the bottom, delete all your info and then your account.

Warn your friends, in fact use this post Tagged Photos:Phishing Fraud as a way to tell just why they shouldn't open that email, join the 'club' or sign-in at all!
No phishing for me today, thanks anyway, I'd rather quilt ;)