Thursday, June 14, 2012

Fake Twitter Confirmation Emails Link to Malicious Sites Spreading Malware

Did you receive an email asking you to confirm a Twitter account that you didn’t create?

Don’t click any links inside the email.

In their latest attempt to infect computers with malware, cybercrooks have begun spamming out fake Twitter emails asking users to confirm a non-existent Twitter account.

Here is a copy of the phishing email:
From: Twitter ([random-string]
Subject: Confirm your Twitter account, [random name]!

Hi, [random name].

Please confirm your Twitter account by clicking this link:
Please click here.

Once you confirm, you will have full access to Twitter and all future notifications will be sent to this email address.

The Twitter Team

If you received this message in error and did not sign up for a Twitter account, click not my account.

Please do not reply to this message; it was sent from an unmonitored email address. This message is a service email related to your use of Twitter. For general inquiries or to request support with your Twitter account, please visit us a Twitter Support.

As you can see, the bogus emails look nearly identical to the actual notices sent by Twitter upon creating a new account with one small difference: the link’s anchor text.

In legitimate notices, the confirmation link would read:
“ /[name]/[random-strong]”

However, the confirmation link in the fake messages read:
 “Please click here.”

Jovi Umawing, Communications & Research Analyst at GFI Labs warns that all of the links within the email lead users to malicious sites housing the infamous Blackhole exploit pack, which will attempt to exploit vulnerabilities within Adobe Reader and Adobe Flash in order to install malware on the target machine.

GFI Labs detects the exploits & malware threats associated with this attack as Exploit.PDF-JS.Gen (v), Trojan.SWF.Generic (v), and  Trojan.Win32.Generic.pak!cobra.

Protect Yourself From this Attack

To avoid falling victim to this scam, it is strongly recommended that you:

  • Mouseover all email links to check the destination URL before clicking on them.

  • Keep your operating system and installed software fully patched and up-to-date.

  • Always run antivirus software and keep the virus definitions current.

If you receive the email, you can report it to Twitter using this form.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+

No comments:

Post a Comment