Spammers Continually Flood Twitter With Junk E-Mails

According to the security firm Trend Micro, spammers have been actively targeting Twitter for quite some time. They've dispatched many different types of spam mails, which all seem to be originating from Twitter.

A few messages purport to be from the customer support team of Twitter. They tell the recipient that an attempt has been made for grabbing the password of his Twitter account; therefore, he must follow a given web-link for downloading "secure software" that will safeguard his account.

But when anyone clicks on the web-link, a Trojan gets downloaded that specifically targets Windows, while a backdoor is also installed on the system. This backdoor enables the attackers to issue commands to the infected PC, and also generates alert notices, stating that there is malware on the user's computer, after which it suggests that user to buy an anti-virus solution.

Highlights Trend Micro, currently pharmacy spammers too are employing this Twitter patterned e-mail format for promoting unregulated drugs. And the spammers in question are abusing Twitter's logo to execute malicious assaults.

Moreover, Trend Micro says, cyber-criminals are continually using Twitter as social-engineering lure; therefore the site is encountering more and more phishing and spam problems. Indeed, with these problems affecting the micro-blogging site, Twitter has lately declared on its authorized website that in course of 2010, it will make all web-links inside users' Tweets to pass via the internal URL condenser of Twitter. Consequently, these spam assaults may be mitigated since spammers have no strategy in place for disguising their malevolent links through a URL condensing system, the declaration adds.

For the time-being, Trend Micro suggests users to follow the usual alerts regarding web-links in spam mails, viz. clicking e-mail links can be dangerous. Moreover, Twitter never distributes web-links directing to protective software. Apart from this, computer users are recommended that they should deploy good quality spam and malware filters.

To conclude, the ongoing spam mail attack has reportedly occured just days after the ThreatSeeker Network of Websense Security Labs cautioned Twitter users of certain spam mail that carried a malicious web-link purporting to be from Twitter. In reality, the link led onto a hijacked website that served fake anti-virus software.

Related article: Spammers Continue their Campaigns Successfully

» SPAMfighter News - 6/18/2010