Twitter email spam première
Spam is mostly associated to email but evidently it is starting to take a new twist with Twitter spam thru email as the 1st Twitter email spam hit my email server, this almost a year after emails of this kind started to surface.

Easy posting with Twitter
The key reason for getting a Twitter account was to be able to post interesting links and short messages when away from my web server, a rather minimal use of it compared to others. Twitter provided a simple way to do this without having to write a line of code, and the easy option is always better.
Yet another bot follower

To my sheer amazement a trickle of followers appeared!

However a quick check eliminated any further excitement as the content of the follower above proved to be just some regular Twitter follow bot that followed in order to get easily fooled followers to feed to the various spam links offered. Just click on the image above and you'll see...
Twitter spam via email
Oddly enough Twitter related spam has not been targeting my mail server, but finally the 1st one masquerading itself as a Twitter direct message dropped in.
First Twitter spam email to Webbanalys.se


Initially it seemed like a direct message, and given I had flagged to get direct messages it would have been legitimate. But getting a direct message to another email than the specified one made alarm #1 wave a flag. A quick initial check made it obvious. A Twitter direct message from another domain?
Twitter email from a non Twitter domain

Alarm #2

And then a quick check further in the email header had all kinds of pretty obvious clues to this being a spam email and not a direct message.
Invalid return path and missing SPF flag

A return email address to a domain which isn't Twitter signaled alarm #3, and when the SPF value is not "pass" alarm #4 went off. There are many opinions about SPF but it seldom lies about the simple fact if the IP number of the sending email server is in the correct range (if the DNS admin has set it up right).

Bogus Twitter direct message

Anyone receiving this Twitter spam that was not really awake might not have realized that the message was spam. But alarm #5 was just a click away.
Despite the spammers efforts to make the email seem as a regular direct message by using an embedded image linked to Twitter, any alert recipient would have checked the links prior to clicking on them.
In fact all 3 of links in the email point to a web site which sure is not Twitter, instead it points to a web site running under a Spanish IP and that shares that IP with 156 other web sites (check the domain here).
Is this yet a SEO gone bad experiment?
Twitter efforts to reduce spam might have caused spammers to try other tricks, and if they spammers keep their mistake rate up the spam will be easy to spot.
Time will tell if "Nadia Beauty" will be shut down by Twitter, but it is evident that spam pretending to be from various online services will most likely increase as spammers try out alternative ways of getting past spam blocking.
Spam with simple mistakes can be spotted at a distance, well if you are alert!


Länkar till mer information:
Bogus Twitter Spam Hits Inboxes
State of Twitter Spam
Twitter short URLs still problematic

* Bilderna i artikeln är manipulerade för att passa sidformatet.

Tipsa andra:
Dela med andra på Twitter Dela med andra på Facebook Dela med andra via E-post