Android social apps slated for sending 'growth hacking' spam

Glide alone sent sent ten times the traffic of WhatsApp

Mobile security firm AdaptiveMobile has named and shamed a clutch of popular Android apps it believes have been using the 'growth hacking' technique to spam large volumes of invitations to the contacts database of installed users.

After conducting an analysis of US and Canadian app users, the firm said the practice had spiked eightfold by February 2014 compared to six months previously, fuelling a rise in aggressive marketing users often found difficult to opt out of.

The worst offenders included a number of communications apps such as video texting app Glide, messaging app Tango, photo app Pixer, and chat apps Meow and Skout. Glide alone accounted for 57 percent of the messages AdaptiveMobile detected while Tango sent 19.7 percent, making these by some distance the worst offenders.

To put this into perspective, Glide's traffic was ten times that of Facebook acquisition and market leader WhatsApp in the same period, the firm said.

"It's common to invite friends to new apps, but this shouldn't turn into spam," said AdaptiveMobile's head of data intelligence and analytics, Cathal McDaid "These apps take this principle above and beyond acceptable limits, subverting communications between friends and contacts."

Sometimes this kind of behaviour could be initiated in ways the user might not anticipate or notice. An example of this was Tango's feature of inviting contacts every time a user took a photo.

"The key to whether an SMS invite is welcome or viewed as spam lies in the application's user interface. Making it difficult for users to not send SMS spam invites is one reason behind the high level of app spam, " said McDaid.

"This will hurt a company in the long run not only by irritating consumers but, as we've seen with last week's Google announcement, it could also result in having an app being removed from an app store for not complying with terms and conditions."

A quick check confirms that many of these apps are indeed widely complained about on Google's Play store for spamming behaviour. This probably does explain why only days ago Google tightened its Developer Program Policies in a number of ways including outlawing unsolicited app promotion of this kind.

Google gave firms 15 days from 28 March to comply with this new regime or face expulsion from Play.

Join the CSO newsletter!

Error: Please check your email address.

Tags Mobile &ampWhatsAppNetworkingsecuritywirelessFacebook

More about FacebookGoogleindeed

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts