Pope Benedict XVI to resign – Twitter sex spammers exploit breaking news story

Graham Cluley
Graham Cluley
@[email protected]
Pope Benedict XVI
Pope Benedict XVI

Within seconds of the news breaking that Pope Benedict XVI was to resign, spam began to appear on Twitter taking advantage of the story.

Messages using the hashtag #pope – but with no connection whatsoever with the developing news story of the first Papal resignation for hundreds of years – have sprung up on the social network.

Most of the messsages are being posted from accounts which feature images of young women in a state of undress (rather than a state of distress, which is what you would devout expect Catholic followers of @Pontifex to be feeling right now).

Papal spam

Sign up to our free newsletter.
Security news, advice, and tips.

What is happening here is what we see every day on Twitter – whether there is a Papal resignation or not.

Spammers scoop up the hottest trending topics on Twitter and use the popular phrases to sprinkle amongst their tweets – in the hope that social media users who are following a particular meme or subject will click on their link rather than a legitimate one.

Chances are that the accounts themselves are not being run by someone sat in their bikini at a keyboard, but actually automated bots under the control of a spammer who may have hundreds or thousands of bogus accounts at his beck and call.

Here are some other examples:

More pope spam

These are hardly the most sophisticated examples of spam in the world, and at the moment appear to primarily be designed to make money through affiliate links. But it’s easy to imagine how cybercriminals can exploit interest in hot breaking news stories like this in order to drive traffic to poisoned webpages infected with malware or phishing sites.

We have already seen some of the links redirecting to webpages which claim to host adult videos:

Adult video image

If you see an account which is obviously sending spam messages, report it to Twitter so they can shut it down. The site’s security team has an ongoing battle against spammers, but it’s a game of whack-a-mole. Everytime they zap a bogus account, the bad guys can create umpteen more.

Be careful out there.

Pope image from Shutterstock.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.