Fake Foursquare E-mails in Circulation
According to security researchers from Trend Micro, a spam outbreak is distributing malicious e-mails because the messages only pretend to be from the social-networking website "Foursquare" while divert recipients onto a tempting pharmacy website.
Using the date April 20, 2012, the e-mail has been spoofed to make it appear as being just dispatched, while it feigns to be sent from Foursquare, the website that runs on a location-specific basis. The message seems to tell the recipient that he has been chosen to be a friend.
"Jacqueline Turner is now your friend" is the attractive header to the spam mail that informs that Turner welcomes the reader's request for being her friend through Foursquare. The new friendship profile is available for viewing on https://foursquare.com/user/46711115, states the e-mail. After this, the e-mail re-iterates that the reader can make the changes anytime to his account and the list of contacts; his privacy controls; options as well as e-mail preferences by visiting the User Settings section of the website to suit with other social-networking websites such as Facebook or Twitter.
As per additional analysis, Trend Micro researchers found that the 'From' address given as email@example.com tried to look like one genuine Message ID. There were also some URLs embedded on the e-mail that too were spoofed since they linked up with a blank web-page having just, one more, URL namely "Wiki Pharmacy" that related to sex-enhancement pills for sale.
Actually, research showed counterfeit senders' details, with little evidence of the e-mails either being real messages from MySpace or LinkedIn, other popular social-networking websites.
Foursquare, however, confirmed no such friendship approval e-mail was being circulated on the website. Referring to the new spam outbreak, the security researchers articulated the popularity of spammers relying on social networks for increasingly ensnaring Web-surfers.
They advised anybody getting the Foursquare-masqueraded e-mail for verifying it through performing a check of the embedded URLs if they actually led to the website they claimed to. This could be done with the PC-mouse that had to be brushed on the embedded web-link, which would display the URL address normally inside the status bar of the Web-browser.
Related article: Fake Spam Mail Announces Australian PM’s Heart Attack
» SPAMfighter News - 02-05-2012