All about the scareware campaign running rampant in Twitter

Infokito - Some of you may have heard about the recent viral spam campaign running rampant through Twitter. If you haven't, here's the story....

Malicious hackers, also known as "black hats", compromised some accounts and launched a viral scareware campaign in which they used Google's URL shortening service,, to hide the true location of the link.

They tweet the link along with a text that says "Cool" or something equally nonthreatening. When someone clicks on the shortened link, they are whisked away to an unknown location (thanks to said shortened URL) and scared into downloading and paying for a "Security Shield" program; they are told that their computers have been compromised and the only way they can thwart the problem is to download and pay for the security software

The goal of this scam is to get tweeters to click on the link, download a file and pay for a bogus security program. The problem with this is that it's too easy to click on the link. Why? Because most of the link is hidden from view. Since Twitter only allows tweeters to post a specific number of characters, URL shortening services have popped up to allow people to post their status AND a link without going over the character limit.

How does something like this happen?

It may have all started due to the high incidence of people using the same passwords on different sites. If one of their sites has been compromised, then the hacker has access to all sites sharing the same password. You can understand how this can all go awry. 

The dangers of URL shortening

Some security experts have been saying that URL shortening can lead to an increase in cyber crimes, giving hackers the ability to post a link without worrying about hiding the true URL; they don't have to since URL shortening services unwittingly help them with this.

Safety tips

Despite the absence of security tips in the articles we reviewed for this blog, we've come up with a handful to help you stay safe and secure when tweeting and using social media:

1. Use different passwords on different sites. Using the same passwords on different sites will put you at risk for a security breach. We don't want to sound alarmist, but it's a fact. Use different passwords and try to make them as complex as possible.

2. Avoid clicking on shortened URLs. Because you really have no idea where the link will take you.

3. Pay attention to the content posted with the tweeted link. Does it sound like something one of your followers would tweet? If it sounds out of character and if your friend does not usually post links, don't click on it.

Now for the ultimate philosophical question... why do hackers do the things they do?

Hackers love to brag; this is just another notch in their belt. Also, greed seems to be yet another guiding force behind online scams. Hackers will go to great lengths to get information and money out of you. Educate yourself and try to stay ahead of the game.

Thanks for reading and stay safe!   (Source: Alertpay Blog)

0 Response to "All about the scareware campaign running rampant in Twitter"

Post a Comment