Yet Another E-Mail Spam Targeting Twitter Users

Researchers at Sunbelt, a security company, reveal that a fresh e-mail spam is profusely targeting people using Twitter.com, the micro-blogging site.

Expressing amazement at certain product, the new unsolicited e-mail uses the phrase "Wow, a marvelous product." Moreover, the e-mail provides a web-link that's maliciously created

For, on clicking it, users are diverted onto a website that contains a paid movie. However, users may eventually land on an html URL carrying PDF attack codes that wait to contaminate the system.

States Sunbelt that this attack code is Exploit.PDF-JS.Gen(v). Security researchers at the company define it as a threat which abuses vulnerability inside PDF files embedded with JavaScript commonly dropping downloaders that are capable of retrieving more malicious programs from unknown online sites.

Further as Sunbelt outlines, the latest spam campaign uses other phrases too, apart from that already mentioned. These are "Wow, A Shocking Discovery," "Wow, A stunning Product," "I Just Can't Believe This," "A Revolutionary Product," "Watch This," amongst many more, as per Christopher Boyd, Senior Threat Researcher at Sunbelt. Sunbeltblog.blogspot.com reported this on June 15, 2010.

Unfortunately, it isn't something new that Twitter, or any other social-networking site, is being subjected to attackers' abuse. What's more, the researchers at Sunbelt comment that such attacks are not likely to end. In fact, according to them, the attacks seem to keep on escalating as increasing number of people surf on Twitter.

For instance, in June 2010 itself, another security company, Sophos, discovered that in response to users' tweets regarding the controversy over recent Israeli Gaza barricade, and about Obama, a Twitter spam infected the site surfers with malicious software, which was traced to Morocco and Saudi Arabia.

Eventually, whilst Twitter stays in expectation for social-networking sites to devise some method for stopping the current type of offensive spam runs, Web-surfers can attempt at protecting themselves by not clicking on links inside e-mails that unfamiliar sources may send. For, such links can actually be from cyber-criminals seeking to hijack people's computers. Moreover, it's advisable that users install high quality security software consisting of anti-spam filter and anti-malware software.

Related article: Youth’s Bank Account Used in Transferring Phished Funds

» SPAMfighter News - 6/25/2010