Last month a group of security researchers exploited a weakness in mobile photo sharing app Snapchat’s systems, stole usernames and telephone numbers for 4.6 million Snapchat users and posted them online in the process.
Turns out Snapchat, which was criticized for its cavalier attitude in the weeks that followed, has not been especially effective in thwarting spammers on the service since. On Tuesday, Snapchat was hacked again.
“Yesterday a small number of our users experienced a spam incident where unwanted photos were sent from their accounts,” a Snapchat spokesperson wrote in an email to Digiday. “Our security team deployed additional measures to secure accounts. We recommend using unique and strong passwords to prevent abuse.”
This time the hack also involved former startup wonder Groupon, possibly through its affiliate program. Snapchat users — including this reporter — have recently reported receiving a spammy photo of a smoothie that also included an advertisement for frootsnap.com.
As of last night, frootsnap.com was directing users to a webpage made to a look like one of Groupon’s signature daily deals. The URL, groupon-claim.me, was different from Groupon’s actual groupon.com domain, however, and Groupon claimed it had no hand in sending the Snapchat or in making the sham Groupon website.
But following the Snapchat spam trail leads back to Groupon’s doorstep:
When Web users interacted with the lookalike Groupon page, they were directed to the following dietary supplement website.
Filling out the personal information on the website’s right rail resulted in users being sent an email made to look like a Groupon daily deal email. Again, the URL for the email sender — in this case r.groupon.com — differed from Groupon’s domain.
Clicking on that email directed recipients to Groupon’s actual domain, however, and asked users for their gender and activity preferences.
“This website is in no way associated with Groupon and should be ignored. We’re aware of it, and we are working to have it shut down,” a Groupon spokesperson said this morning in an email.
Groupon has been running an affiliate program for years, through which it pays publishers 10 percent of the sales they drive to it. It’s possible this spam is the result of one of its partners employing some unscrupulous tactics.
The frootsnap.com URL does not direct users to the fake Groupon page any more, but it still active. As of this writing, frootsnap.com sent users to an Allrecipes.com page for a Berry Delicious fruit smoothie recipe.
Allrecipes had no involvement of the hack, according to its vp of brand marketing Esmee Williams. Still, the Berry Delicious page has nonetheless seen a significant spike in traffic as a result of the hack.
The Washington Post invests in climate coverage as its team expands to over 30 journalists
The Post's climate team continues to expand as the publisher makes big bets on the beat drawing younger audiences.
Inside one media company’s strategy to monetize the Fifa World Cup
Soccer media business Footballco has spent most of 2022 trying to make hay while the sun is shining.
Member ExclusiveMedia Briefing: Publishers’ Q3 earnings reports show promise, but not without sacrifice
Publishers' third quarter earning reports are in.
SponsoredHow brands are measuring incremental performance on CTV
Connected TV is unique among other advertising channels because it combines linear television’s storytelling capabilities with digital marketing’s targeting and measurement. As more marketers leverage CTV advertisements to reach relevant and engaged audiences, they also want to understand the real value they are generating with their investment. Incrementality reporting and measurement allow advertisers to measure […]
Publishers continue to evaluate cost-cutting in Q4, with economic and budgetary pressures mounting
The wave of cost-cutting measures in Q3 is still flowing into Q4, with publishers under pressure to keep expenses down at a time of continuing economic uncertainty and budget planning.
A new entrant in the data-driven linear TV measurement space aims to fill a gap left by Microsoft’s Xandr
As Xandr shuts down its Clypd platform, datafuelX's M3 SaaS product aims to solve some of the multi-currency, multi-platform problems with investing in convergent TV today.