Another day, another round of diet spam on Twitter

Watch out on Twitter today: there’s a wave of spam being sent out.

Actually, scratch that. You should watch out on Twitter *every* day. Not a day goes past without spammers sending direct messages or posting public tweets designed to phish from the unwary or direct traffic to their money-making websites.

Here’s the very latest attack, promoting (quite blatantly) a diet with the message “Summers coming..” (Apologies to those in the Southern Hemisphere, for whom that message is clearly inappropriate.)

Tweets

If you click on the link you are taken to a webpage designed to sell “Miracle Garcinia Cambogia Beans” with the help of a video from Dr Oz, and a picture of French newsreader Mélissa Theuriau (although the webpage claims that she is a Women’s Health staffer called Helen Hasman).

Spammers webpage

The headline reads:

Lose 23 lbs of Belly Fat in 1 Month With This Diet Cleanse That Celebrities Use. Exclusive Offer for Readers.

There is no suggestion, of course, that Women’s Health, Mme Theuriau or Dr Oz are in any way connected with the spam campaign. Their names and images are presumably just being exploited by the spammers to help make some quick and dirty cash.

And, as you can see by the screenshot below of what happens when you try to leave the webpage, they are pretty pushy sales people.

Pushy sales message

If you find that one of your Twitter accounts has been sending out spam messages like these, change your password immediately. Furthermore, if you use the same password elsewhere online, change it there as well. It’s important that you never use the same password in multiple places, and that you ensure your passwords are hard to crack or guess.

You should also check which third-party applications you have connected with your Twitter account, and revoke permissions for any that you don’t need or that look suspicious.

Don’t feed the spammers, and don’t help them get fat by buying goods sold via social networking spam.

Further reading: “About the Twitter diet spam”, an examination of the campaign by Finnish security researcher Janne Ahlberg, who has also described similar attacks affecting Pinterest and Tumblr.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “Another day, another round of diet spam on Twitter”

  1. Hi. I found my account was compromised so I changed my
    password immediately. I'm desperately trying to figure out
    how my account could've been compromised. I never visit
    suspicious websites and the only apps I have authorised on my
    Twitter account are legit companies. Apple, Instagram, LinkedIn,
    Camera+, Soundcloud, dlvr.it, Tapbots, Disqus. That's it!
    No other apps and I only access my accounts from my own devices.
    Mac at home, Macbook, iPad app and iPhone app?
