Saturday, April 28, 2012

Twitter Direct Message Scam Spam

Social networking websites are garnering more users everyday. They have become part of our lives now - whether you like it or not. Businesses are using the media's power for marketing purposes and whoever denies the power of social media will be on the losing end eventually.

We have a number of scam stories regarding Facebook and we feel it is essential to discuss on a common Twitter scam this time.

If you are a Twitter user, you may occasionally receive direct messages from the user whom you are following.


Below are some real-life examples of direct message spam (scam in disguise).

Hi somebody is saying really bad things about you... http://alturl.com/*vytkn

Hi some person is making nasty things about you... http://tinyurl.com/*btzxskg

Hey some person is making terrible rumors about you... http://sn.im/*230ml0t

ROFL...I'm laughing so hard at this pic of me my friend uploaded http://tinyurl.com/*7uhuvcr

Fastest way to lose weight while removing toxins & boost energy levels http://tinyurl.com/*d5up9tb

lol...OMG I'm laughing so hard at this picture of me someone uploaded http://tinyurl.com/*c4t7xbr

Asterisks "*" are inserted into the URLs by us on purpose.

These messages are automatically generated and posted to you by infected accounts. The main intention is to arouse your curiosity so that you will visit the URL included at the end of it.

If you study the top few examples properly, you can see similarities in them. They can be just a few sets of similar words, which are spin randomly before sending to you. This is because the infected account may be spamming all its followers again within the next few days, and the scammer wants to make the messages look different.

We apologize that our team is not brave enough to click on the URLs to test them. There are some scenarios that are likely to happen if you were to click on the URL:

  1. Your computer will be infected by malware or spyware immediately if you do not have an anti-virus software installed.
  2. Your Twitter account will be automatically infected by the same virus and it will be sending similar spam direct message to your Twitter followers.
  3. The webpage ends up to look like Twitter's login page (phishing scam) and requires you to key in your username and password, and then your Twitter account will be sending similar spam direct message to your Twitter followers because the scammer has obtained your login details.
  4. The webpage will prompt you to authorize certain app to your Twitter account, and then your Twitter account will be sending similar spam direct message to your Twitter followers.

It is pretty clear that you should just ignore all suspicious direct messages that contain URL, especially when the URL is shortened and you do not know the exact URL. Be safe than to be sorry!

7 comments:

  1. what do you do if you tried to click on the url? I have had a million emails with this today and it has sent it to all my friends, I did change my password

    ReplyDelete
  2. You probably have to check for any unknown authorised app in your Twitter account and change your password. These are the two ways scammers can get to post stuffs on your behalf.

    ReplyDelete
    Replies
    1. Hello,
      One of my followers on Twitter keeps "sending" me these messages.What are the ways to stop it "in her account"(so not only i,but other her followers won't receive it - the virus would be "killed")?

      Sincerely,
      Aidyxe

      Delete
    2. Hi Aidyxe,

      If the infected follower is able to send you the spam messages, that means you are following him/her as well.

      If he/she is your follower, you can easily send a direct message over to alert him/her, or simply use the @nick feature to do it.

      As of now, we only know that the owner has to change the password. That means we don't know what are the other ways to stop it, except that you alert him/her directly.

      Delete
  3. I clicked it and with out thinking typed in my info, After i realized what had happened i quickly changed my password, hope it worked...

    ReplyDelete
  4. I also clicked to the phished website :-) I changed my password and I wrote under the message my account sended a warning that my followers mustn't click the link

    ReplyDelete
  5. This scam/spam seems to have died down a lot... but there are many other new ones, which we don't have time to cover...

    ReplyDelete