Free iPhone 4G used as bait by sexy spammers on Twitter

Rowland, who works in the Australian branch of SophosLabs, has blogged today about spam he’s seen offering people the chance to get a free next generation iPhone (commonly being dubbed in the media as the “4G iPhone”).

But these chances to get your paws on a free iPhone 4G aren’t just limited to email spam.

A quick search on Twitter reveals a gaggle of profiles, using avatars of sexy young women, pumping out messages to users seemingly giving them the opportunity to grab a free iPhone 4G.

Free iPhone 4G tweets posted by spammers

Sign up to our free newsletter.
Security news, advice, and tips.

Like the email spam intercepted by our labs, however, these Twitter profiles are designed to scam you out of your personal information.

A quick look at one of the Twitter accounts spamming out the messages underlines that she is by no means a regular user, but set up specifically to advertise a data-collecting form on behalf of the shady guys behind this scheme.

An iPhone 4G spammer on Twitter

Clicking on any of these links takes you to a webpage (currently offering an iPod Shuffle as a prize, rather than an iPhone 4G – that’s a let down, isn’t it?) that asks you to fill in a form with your personal data.

Prize draw form

is there any legitimate reason why they need to know, for instance, your date of birth? I don’t think so. And yet some internet users might be so excited about the prospect of receiving a gadget that they’ll fill in the form without thinking of the possible consequences, and without considering who might be collecting the data and for what purpose.

Small print at the bottom of the page reads:

By registering and entering your details you consent to [receive communications] either by e-mail, SMS or phone about products and/or services that have been selected based on your interests.

This is quite different from the initial spamvertisement which said "Get a FREE iPhone 4G! Limited Quantities! Enter Your Email Now" isn’t it? Certainly I would feel very uncomfortable handing over my email address to a group which appears to be associated with folks who are advertising their site via Twitter spam.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky and Mastodon, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.