Twitter Brandjacked in New Spam Campaign

Written by Sue Walsh on October 5, 2012

A few days ago I received an email from Twitter announcing a new design layout for user profiles and inviting me to try it. I was busy so I put the email aside intending to check it out later. I ended up forgetting about it and it’s a good thing I did. The email wasn’t from Twitter.

It’s part of a new spam campaign that is brandjacking Twitter. They look quite legit but if you click on the link you’re taken to “Toronto Drug Store”, which is apparently the latest incarnation of the infamous “Canadian Pharmacy” scam ring. CP and its crooked affiliate operation were crushed when the Rustock and Mega-D botnets were taken down. Security experts say a group of the criminals involved in the affiliate program, Spamit/Glavmed, banded together to form a new organization. Like the original Canadian Pharmacy, the new version fulfills orders with fake medications made in India. So far the site is not conducting any malicious activity, only ripping off gullible and ill-informed consumers.

A few months ago, when Twitter was hit with a data breach, they downplayed it saying the affected accounts were all fake/spam accounts. I strongly suspect they were lying to cover themselves because the address I got this spam from is one I use for Twitter and Twitter only. Since the news of the breach broke I’ve noticed several spam messages in that account where before there were none, and that can only mean one thing. I think Twitter has some explaining to do.

Comments

Addison Moore October 7, 2012

Haha, that’s funny. I am hoping it did not do anything to your computer except to lead you to such nonsense website. But yeah I understand why it sounds legit. Twitter has indeed changed some of its profile layout (though that doesn’t mean I like it). On a more serious note, this pattern, if this goes on, is quite dangerous. Before it is easy to spot spam and phishing since the email usually sounds so random. Today it rides on the latest news and trends. In fact, a lot of people have become victims over that Olympics phishing and spamming.

Tyler October 9, 2012

Here we go again! Though I’m quite happy that spam all over the world is decreasing, I can’t achieve full joy because there are still a lot of threats around, including brand jacking. What makes things worse is the fact that Twitter and Amazon, which also became a victim to such scheme, are trusted brands. Thus, the chances of Internet users clicking on the link are extremely high. So far, I haven’t heard of Twitter trying to address this problem, though I’m hoping they do because they have drastically increasing number of users, and only a few of them are smart when it comes to online threats, sadly.

  • (required)
  • (required)