Monday, February 6, 2012

Fake Twitter DM Notification Email Links to Pharmaceutical Site

So you received an email saying you got a new direct message on Twitter, but is it real?

It may not be.

Spammers are now sending out bogus Twitter DM notification emails in order to direct traffic to pharmaceutical websites.

In order to yield the highest click-through rates, spammers took the time to make sure the fraudulent Twitter notification emails closely resemble legitimate ones.

The fake Twitter emails use the same layout, link directly to the images used in the real emails, lack the typical grammar mistakes featured in spam (obviously since the content was copied and pasted from genuine emails) and come from a spoofed Twitter email address (@postmaster.twitter.com).

Of course, all of the links within the spam version link to a pharmacy website instead of Twitter, but by the time the average user realizes that the site would already be loaded in their browser.

How do you know if you’re looking at a fake Twitter DM notification email?


Aside from hovering your mouse over the link to check the real destination URL, one way to tell the real apart from the fake is to check whether or not your Twitter handle is mentioned in the email.

The real notification email from Twitter reads:
Direct message sent by Kevin Cook (@KevinCook) to you (@yourtwittername)..

Obviously the spammer doesn’t know who you are on Twitter, so they’ll use what information they DO have, which is your email address:
Direct message sent by Kevin Cook (@KevinCook) to you (your@email.com)..












FAKE Twitter DM Email (SPAM)REAL Twitter DM Email
Fake Twitter DM Email (SPAM)Real Twitter DM Email

To avoid falling for this Twitter DM spam campaign, users should:



  • Type the targeted website directly into the browser versus clicking links or, at the very least, hover over links to check the destination URL before clicking them.

  • Make sure their email client is protected by a comprehensive spam and malware filter.

  • Always remain vigilant when going through their email inbox and trusting their gut when something feels a bit "off".


Don’t miss out on the latest tech news and computer security alerts!  Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

No comments:

Post a Comment