Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: Widespread Twitter profile spam - why we say Do Not Click!

Dave Michmerhuizen and Luis Chapetti | Oct. 30, 2012
This morning our honeypots received large numbers of spam e-mails pretending to be from Twitter, presenting the new Twitter Profile changes.
//

This morning our honeypots received large numbers of spam e-mails pretending to be from Twitter, presenting the new Twitter Profile changes.

Twitter spamThe telltale sign is that the button and all of the links in this HTML e-mail point to some domain that is definitely NOT twitter.  We are seeing thousands of these spams with links pointing to a variety of domains belonging to dummy or compromised websites.  Clicking on anything in this e-mail results in a server redirect, which is why we insist you follow our "Do Not Click" advice.

B Twitter1Currently the redirect sends you to a Canadian Pharmacy website that offers to do great things for your love life. But, while these compromised domains are under the influence of spammers, it's easy for spammers to alter them to point wherever they want. Without any warning, these sites could begin directing visitors to a phishing site posing as a Twitter login page. 

Spam like this exemplifies why our number one rule about unsolicited e-mail is "Do Not Click."  Sifting tea leaves and trying to determine the validity of an e-mail is a losing proposition. While you could be right, the risk of being wrong, and the downside if you are isn't worth it. In a situation like this, open a browser window and type twitter.com to be sure you're visiting the legitimate site. 

Barracuda Networks customers using the Barracuda Spam & Virus Firewall are protected from these e-mails.

Dave Michmerhuizen is Research Scientist and Luis Chapetti is Security Researcher at Barracuda Networks

 

 

Sign up for CIO Asia eNewsletters.