June 20th, 2009By Pete Cashmore Security sites are warning web users to beware fake Twitter invites in their email inboxes. The reports, based on an alert on Wednesday from Symantec, say the emailed invites come with a malicious attachment which, if downloaded, harvests email addresses from your computer and copies itself to removable drives and shared folders. The emails carry the subject line “Your friend invited you to twitter!”, while the sender’s address is spoofed as “invitations@twitter.com”. Unlike a typical Twitter invite, however, the email contains no invitation link: instead it carries the attached file Invitation Card.zip, tempting the receiver to download it. The attachment, of course, contains W32.Ackantta.B@mm – a nasty, email address-harvesting worm. ___________________________________________ Twitter Spam = Mainstream Recognition ___________________________________________ Unlike previous, resolved “Twitter worms” (eg. Mikeyy), this one has nothing to do with Twitter: it doesn’t spread via the Twitter.com website or even target Twitter users specifically. Rather, it seems that Twitter has reached the mainstream appeal required to make it a worthy topic for email scams. A good proportion of web users, the spammers must assume, will have heard of Twitter and therefore might download the attachment. If you receive one of these mails, simply mark it as spam without downloading the attachment. And if you think you might be infected, update your anti-virus software and run a full virus scan.
[See the story at Mashable.com]
Posts
No comments:
Post a Comment