Watch out on Twitter today, there’s a wave of spam being sent out.
Actually, scratch that. You should watch out on Twitter *every* day. Not a day goes past without spammers sending direct messages or posting public tweets designed to phish from the unwary or direct traffic to their money-making websites.
Here’s the very latest attack, promoting (quite blatantly) a diet with the message “Summers coming..” (Apologies to those in the Southern Hemisphere for whom that message is clearly inappropriate)
If you click on the link you are taken to a webpage designed to sell “Miracle Garcinia Cambogia Beans” with the help of a video from Dr Oz, and a picture of French newsreader Mélissa Theuriau (although the webpage claims that she is a Women’s Health staffer called Helen Hasman).
The headline reads:
Lose 23 lbs of Belly Fat in 1 Month With This Diet Cleanse That Celebrities Use. Exclusive Offer for Readers.
There is no suggestion, of course, that Women’s Health, Mme Theriau or Dr Oz are in anyway connected with the spam campaign. Their names and images are presumably just being exploited by the spammers to help make some quick and dirty cash.
And, as you can see by the screenshot below of what happens when you try to leave the webpage, they are pretty pushy sales people.
If you find that one of your Twitter accounts has been sending out spam messages like these, change your password immediately. Furthermore, if you use the same password elsewhere online, change those as well. It’s important that you never use the same password in multiple places, and ensure that your passwords are hard to crack or guess.
You should also check what third party applications you have connected with your Twitter account, and revoke permissions for any which you don’t need, or that look suspicious.
Don’t feed the spammers, and don’t help them get fat by buying goods sold via social networking spam.
Further reading: “About the Twitter diet spam”, an examination of the campaign by Finnish security researcher Janne Ahlberg, who has also described similar attacks affecting Pinterest and Tumblr.
Hi. I found my account was compromised so I changed my
password immediately. I'm desperately trying to figure out
how my account could've been compromised. I never visit
suspicious websites and the only apps I have authorised on my
Twitter account is legit companies. Apple, Instagram, LinkedIn,
Camera+, Soundcloud, dlvr.it, Tapbots, Disqus. That's it!
No other apps and I only access my accounts from my own devices.
Mac at home, Macbook, iPad app and iPhone app?