Fake Twitter invites spreading email worm
Monday, June 22, 2009
Spam emails that appear to be invitations to join the micro-blogging site Twitter have been spreading a mass email worm that can steal email addresses from a user's PC. Symantec reported last week that the fake invites can be spotted because legitimate invites contain a URL link in the body.
Instead, the user will see an attachment that appears as a .zip file that purportedly contains an invitation card. The file is actually a malicious attachment known as the Ackantta worm, which gathers email addresses from infected computers and spreads by copying itself to removable drives and shared folders, Symantec said.
"As Twitter continues to gain popularity among social networking users, people are regularly receiving invitations and email updates from fellow users," Symantec researcher Sammy Chu said in a blog last week. "We expect that spammers will continue to use Twitter and other popular social networks as bait in their attacks."
Symantec had spotted an e-card virus attack in February that was used to spread the same Ackantta worm.
Twitter's booming popularity has also made it a growing target of phishing attacks and other types of spam.
Earlier this month, researchers spotted messages on Twitter that directed users to go to a YouTube spoof site to see a "best video." Users who visited the site could have had their PCs infected through vulnerable versions of Adobe Reader.
Related News:
Yahoo looking at pay-per-email to fight spam - 8.19.2009
Yahoo researchers are looking at a new way to revive the idea of using email postage stamps to help distinguish between good emails and spam.
Spam offers Obama opponents chance to DDoS White House - 8.19.2009
A spam email detected by email security firm Proofpoint attempts to exploit anti-Obama sentiment by offering recipients a chance to launch distributed denial-of-service (DDoS) cyberattacks on the White House - if they just download malware onto their PC.
Was White House healthcare email spam? - 8.17.2009
The White House this weekend responded to claims that it had sent an email on healthcare reform to people who didn't sign up for White House email, denying that the administration had purchased any email lists. Reports from Fox News Channel implied people were receiving spam.
Court rejects $10 million spam lawsuit - 8.10.2009
An internet domain owner seeking $10 million in damages from an online marketer over spam email had his appeal rejected last week by the U.S. Court of Appeals of the Ninth Circuit.
Spam messages offer phony cell phone spyware - 8.7.2009
Some spammers are using the temptation to spy on someone else through their cell phone to sell phony spyware, according to IT security firm Symantec.
|
