Beware, Twitter enthusiasts! Spam posing as Twitter email notifications is currently proliferating in the wild. The spam comes in two types: the first attempts to steal personal information or login credentials, while the second attempts to infect systems with malware.
A legitimate Twitter notification email looks like this:
It usually begins with “Hi, *name of user*” and contains the words, “You have a direct message:,” followed by the message itself.
The two Twitter spam samples, on the other hand, look like these:
The sample on the left uses a generic greeting while the email body only says, “You have 1 unreaded message from Twitter,” followed by a URL. This directs recipients to a site where they are asked to give out personal information. The sample on the right also uses a generic greeting along with the message, “You have 3 information message(s),” followed by a URL. Instead of asking recipients for personal information, clicking this link downloads malware onto their systems. However, the malicious URLs are already inaccessible as of this writing.
Spammers and cybercriminals have had a long history with Twitter and its users, as featured in these previous entries:
- Diet Twitter Spam (on the) Run
- A New Twitter Worm Is Making the Rounds
- Twitterbuilding.com—Stealing Your Passwords One Tweet at a Time
To protect yourself against similar attacks, always pay attention to every detail in emails you receive. It is, after all, easy to distinguish what is real from what is not. All you need to do is carefully observe.
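The comparison described above can also be run mechanically on a mail gateway or in a triage script. The following is an added example, not part of the original post: it checks a message against the two traits of a genuine notification named here (the “Hi, *name*” greeting and the “You have a direct message:” line). The link-host check, the `twitter.com` allow-list, the function name and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.policy import default
from urllib.parse import urlparse

GREETING = re.compile(r"^Hi,\s+(\S.*)$", re.IGNORECASE)
PHRASE = "you have a direct message:"
URL = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
TRUSTED_HOSTS = ("twitter.com",)  # assumption of this example, not from the post

def findings(raw, account_name):
    """Return the ways a message departs from the genuine notification."""
    msg = message_from_string(raw, policy=default)
    part = msg.get_body(preferencelist=("plain",))
    text = part.get_content() if part else ""
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    out = []
    m = GREETING.match(lines[0]) if lines else None
    if not m:
        out.append("no 'Hi, <name>' greeting")
    elif m.group(1).rstrip(",.!").lower() != account_name.lower():
        out.append("greeting does not use the account name")
    if PHRASE not in text.lower():
        out.append("missing 'You have a direct message:'")
    for url in URL.findall(text):
        host = (urlparse(url).hostname or "").lower()
        # Exact match or a true subdomain; "twitter.example.net" does not pass.
        if not any(host == h or host.endswith("." + h) for h in TRUSTED_HOSTS):
            out.append("link to unexpected host: " + host)
    return out

# Constructed samples: headers, names and URLs are invented; the spam body
# reuses the wording quoted in the post.
GENUINE = """\
From: Twitter <notify@twitter.example>
Subject: Direct message

Hi, alice.
You have a direct message:
see you at 5 - https://twitter.com/messages
"""
SPAM = """\
From: Twitter <notify@mail.example>
Subject: Notification

Hello,
You have 1 unreaded message from Twitter
http://twitter.example.net/inbox
"""

if __name__ == "__main__":
    for label, raw in (("genuine", GENUINE), ("spam", SPAM)):
        print(label, findings(raw, "alice"))
```

A message with no findings is not proven genuine; the checks only surface the departures from the real notification that the post points out.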