Twitter email spam

Spam is mostly associated to email but evidently it is starting to take a new twist with Twitter spam thru email as the 1st Twitter email spam hit my email server, this almost a year after emails of this kind started to surface. Twitter spam via email is easy to detect with just a few checks. Avoid being fooled to click!

Easy posting with Twitter

The key reason for getting a Twitter account was to be able to post interesting links and short messages when away from my web server, a rather minimal use of it compared to others. Twitter provided a simple way to do this without having to write a line of code, and the easy option is always better. To my sheer amazement a trickle of followers appeared!

Yet another bot followerHowever a quick check eliminated any further excitement as the content of the follower above proved to be just some regular Twitter follow bot that followed in order to get easily fooled followers to feed to the various spam links offered.

Twitter spam via email

Twitter related spam has not been targeting my mail server, but finally the 1st one masquerading itself as a Twitter direct message dropped in.

First Twitter spam email to Webbanalys.seInitially it seemed like a direct message, and given I had flagged to get direct messages it would have been legitimate. But getting a direct message to another email than the specified one made the 1st issue apparent. A quick initial check made it obvious. A Twitter direct message from another domain?

Twitter email from a non Twitter domainAnd then a quick check further in the email header had all kinds of pretty obvious clues to this being a spam email and not a direct message.

Invalid return path and missing SPF flagA return email address to a domain which isn't Twitter signaled another issue, and when the SPF value is not "pass" = another issue. There are many opinions about SPF but it seldom lies about the simple fact if the IP number of the sending email server is in the correct range (if the DNS admin has set it up right). Anyone receiving this Twitter spam that was not really awake might not have realized that the message was spam. Next issue was just a click away.

Bogus Twitter direct messageDespite the spammers efforts to make the email seem as a regular direct message by using an embedded image linked to Twitter, any alert recipient would have checked the links prior to clicking on them.

In fact all 3 of links in the email point to a web site which sure is not Twitter, instead it points to a web site running under a Spanish IP and that shares that IP with 156 other web sites (check the domain here).

Is this yet another "SEO gone bad" experiment?

Twitter efforts to reduce spam might have caused spammers to try other tricks, and if they spammers keep their mistake rate up the spam will be easy to spot.

Time will tell if "Nadia Beauty" will be shut down by Twitter, but it is evident that spam pretending to be from various online services will most likely increase as spammers try out alternative ways of getting past spam blocking.

Spam with simple mistakes can be spotted at a distance, that is if you are alert!

External links:

Bogus Twitter Spam Hits Inboxes
State of Twitter Spam
Twitter short URLs still problematic