The Spam Report, June 2009

Micro-blogging site Twitter is fast becoming a target for spammers, but that isn’t surprising as cybercriminals are known to exploit the reputations of trusted brands online for their own benefit.

  • E-Mail
By  Vineetha Menon Published  June 11, 2009

Micro-blogging site Twitter is fast becoming a target for spammers, but that isn’t surprising as cybercriminals are known to exploit the reputations of trusted brands online for their own benefit.

Symantec highlighted two campaigns - Make Money Fast (MMF) and a dating spam – on Twitter over the last month.

In the MMF attack a ‘Risk-Free Twitter Profit Software’ kit is offered, with recipients directed to an online form which asks for personal information including name, email address and postal address. This is followed by another form asking for your credit card number, expiration date and security code.

Some of the subject lines used to lure spam victims include: ‘Twitter Guru Reveals All On Video’, ‘Use Twitter to make money’ and ‘Teenagers are playing online and making grundles of money’.

The second Twitter-related spam attack involves dating site Datetwit being targeted. Various recently registered spam domains are used in the links, which lead users to enter Twitter credentials to access the dating site. With these attacks, spammers hope that they can lure recipients into action by hiding behind the reputation of the Twitter social networking brand that is presently enjoying meteoric popularity.

A majority of the spam messages in circulation today contain URLs in the message body. In fact close to 92% of all spam messages contained a URL (Uniform Resource Locater), often associated with sites that allow users to set up free web hosting accounts or promote certain products and services. These URLs are all registered and operated by spammers, who rotate them in order to evade anti-spam detection.

With growing concern over the state of automakers in the United States, spammers are creating messages that claim to come from a particular motor company, informing recipients of falling sales and details on how the US government plans to bail them out. However, since the supposed bailout funds haven’t reached them yet, the message says the company is offering 1000 automobiles discounted at 35% off the original price in efforts to stay afloat and increase their customer base. To take part in the offer, recipients have to fill out and submit an attached form and wait five business days before a company representative gets in touch.

The attachment appears to be a PDF file but is actually an html file with a background image, masking what’s really going on behind the scenes. While many would think twice about filling in the form, the fall of US automakers have been dominating headlines recently and could make the message and offer seem genuine.

But that’s just one campaign in a sea of other spam messages, which now account for 90% of all the emails in the world.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code