Spammers stalk Twitter for unsuspecting users, Sophos reports

By Brett Myroff for Sophos South Africa
Johannesburg, 30 Jan 2009

IT security and control firm Sophos is advising Twitter users to be vigilant of suspicious accounts that have been using the service to build up databases of contacts in order to spread their spam messages. These spam accounts are recognisable as they tend to follow very large numbers of similarly named Twitter profiles.

Sophos was alerted by a Twitter account that was also following over a hundred other users, all with user-names containing "Graham" or "Honda".

"The people creating these accounts probably found the usernames by simply using the Twitter search engine for matching names," says Brett Myroff, CEO of regional Sophos distributor, Sophos South Africa.

The accounts do not yet appear to have been used to distribute spam messages, but the intention seems clear. When these spam twitterers, or `spitters`, inevitably use the accounts, it could be solely to unleash spam, or they could try and infect users by sending messages that link to malware. "One thing is for certain - no one wants to receive them. Your best advice is to block suspicious followers right away," Myroff says.

To reduce the risk of being exposed to this and other recent malicious activity that has targeted the popular micro-blogging service, Sophos recommends that users observe some simple security tips:

1. Block followers that you suspect of being spam accounts or `spitters`.
2. Report suspicious spam accounts to Twitter by sending a message to the `@spam` account.
3. Do not click on any links in Twitter updates or messages from suspicious user accounts - they may lead to malware infected Web sites.
4. Be wary if you are asked to re-enter any login details - Twitter users have had their passwords phished from them by being taken to bogus Web sites. Even Stephen Fry, one of Britain`s most popular Twitters, has admitted being fooled into clicking on a dangerous link designed to steal his information.
5. Choose a non-dictionary password - a Twitter staff account was recently hacked when the password `happiness` was guessed - giving hackers access to celebrity Twitter accounts.

Sophos recommends that all computer users ensure their security defences are up-to-date and patched against the latest hacking, spam and malware threats.

Sophos South Africa

Netxactics, trading as Sophos South Africa, is a South African-based company focused on the provision of security solutions. It is the Master Distributor for UK-based Sophos Plc, one of the leaders in the provision of network access control and endpoint, e-mail and Web security and control solutions for the corporate environment. For more information, visit Sophos South Africa at http://www.sophos.co.za.

Sophos

Sophos enables enterprises worldwide to secure and control their IT infrastructure. Our network access control, endpoint, Web and e-mail solutions simplify security to provide integrated defences against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, we protect over 100 million users in nearly 150 countries with our reliably engineered security solutions and services. Recognised for our high level of customer satisfaction, we have an enviable history of industry awards, reviews and certifications. Sophos is headquartered in Boston, Massachusetts and Oxford, UK.

Editorial contacts