Next Generation Twitter SPAM

Currently, Twitterati and Non-Enlightened alike receive messages in their inboxes that apparently originate from Twitter, notifying them of “unread messages”:

As you can see, these messages look genuine enough to warrant a second look. Two things strike one as odd, though, once you scrutinize the mails:

  1. Twitter is in the habit of personalizing its messages, addressing the user directly, while these messages only say “Hi”.
  2. Twitter applies the user’s default language (German, in my case) to its emails, while these messages are all in English.

I must admit that – probably like most recipients of these mails – I only casually read them and then – thankfully – used my default Twitter client rather than clicking the link inside the mail. When Tweetings did not show any new direct messages, I started wondering which of my Twitter accounts the message was for and – strangely – realized that the recipient email address was not one associated with any of my Twitter accounts.

By then I could smell a rat and checked the link inside the message body:

Alright, at least sounds like one of those ad-sensing tools that sites like Google, Twitter or Facebook love to track their users with. But such links usually send users to a more individual address rather than simply to an index page. So I did a quick WHOIS query, which gave me this result:

Ah, yes, the Chinese dragon rearing its ugly head yet again. I immediately stopped searching for any “unread direct messages” and instead reported those messages to Twitter’s security team.

As @blogginginside reports, is by no means the only domain involved in this scam. But all domains point their fingers at Chinese script kiddies – or rather Chinese government-employed culprits, if you ask me.

So, any Twitter users who receive such notifications are strongly advised not to follow any links embedded in the messages but rather to check their default Twitter client (rather easy for iPhone or Android users) or to manually enter Twitter’s web address in their browser. People who have not yet converted to Twitter are advised to simply delete these messages from their inboxes or mark them as junk email (whichever applies to their respective email clients).
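The warning signs described in this post (generic greeting, a recipient address that belongs to none of your accounts, a link that leaves Twitter's domain and lands on a bare index page) can be checked mechanically. The following Python sketch is an added example, not part of the original post; the trusted domain list, the sample message, the addresses and the function names are constructed assumptions, and it handles plain-text messages only.

```python
import re
from email import message_from_string
from email.utils import getaddresses
from urllib.parse import urlsplit

# Assumption: the only domain a genuine notification should link to.
TRUSTED_LINK_DOMAINS = {"twitter.com"}

# Constructed sample message (not the mail from the post).
SAMPLE = """\
From: Twitter <notify@twitter.example>
To: someone@mail.example
Subject: You have 2 unread messages
Content-Type: text/plain; charset=utf-8

Hi,

You have 2 unread direct messages on Twitter.
http://tracker.example/index.html
"""

def host_is_trusted(host, trusted=TRUSTED_LINK_DOMAINS):
    """True only for a trusted domain or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in trusted)

def check_notification(raw, account_emails, display_name):
    """Return the warning signs found in one plain-text notification."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    findings = []
    # 1. Generic greeting: first non-empty body line lacks the user's name.
    first = next((l for l in body.splitlines() if l.strip()), "")
    if display_name.lower() not in first.lower():
        findings.append("generic greeting")
    # 2. Recipient address is not registered with any of the user's accounts.
    rcpts = {a.lower() for _, a in getaddresses(msg.get_all("To", []))}
    if not rcpts & {e.lower() for e in account_emails}:
        findings.append("recipient not an account address")
    # 3. Links that leave the trusted domain, and links to a bare index page.
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        parts = urlsplit(url)
        if not host_is_trusted(parts.hostname):
            findings.append(f"untrusted link host: {parts.hostname}")
        if parts.path in ("", "/", "/index.html") and not parts.query:
            findings.append("link to generic index page")
    return findings
```

The suffix match in `host_is_trusted` requires a leading dot, so look-alike hosts such as `twitter.com.evil.example` or `nottwitter.com` are not accepted.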

There would be, of course, a perfect way to combat these kinds of SPAM or phishing schemes. But, unfortunately, most Western governments tend not to pester the Chinese government for economic reasons. So, we will probably have to live with these annoyances as long as no one challenges the Beijing government or this ugly regime finally gets overthrown by its own people…

[Images ©2010 Axel Riemann. WHOIS-query with kind support by Geektools.
Twitter and the twitter logo are registered trademarks of Twitter, Inc.
All other names and logos are either trademarks or registered trademarks of their respective owners.]
