23 March 2010

What is the Twitter spam and how can you prevent it?



With the popularity of social networking platforms such as Twitter on the rise, cyber criminals have found an easy target among unsuspecting users. BitDefender offers advice on how Twitter users can avoid falling prey to some of the most common tricks regularly employed by hackers.

One of the biggest spam related security problems facing Twitter are the many link-shortening services utilized for hyperlink posting. Users are limited to 140 characters per tweet; these URL-shortening services allow tweeters to post a longer link under such tight character limitations. Hackers use these link-shortening services to disguise malicious links. Some infections could be easily prevented by allowing users to see the real URL before clicking on it.

BitDefender’s senior antispam researcher Catalin Cosoi says, “Another big problem is the fact that search engines, such as Google, index Twitter profiles. This allows malicious pages that are built and marketed with good social engineering tactics to end up high in the rankings. Additionally, because Twitter messages are so short lived, users could unknowingly send spam messages without having the opportunity to notice that someone else is using their account.”

Some of the common types of Twitter spam include:

1.Tweet spam:
Tweet spam comes from someone a user is currently following and everyone following that user will see the tweet.
2. Direct Message:
A direct message comes from someone a user is currently following and only the user will see the message.
3. ReTweet Spam:
ReTweet spam searches for legitimate tweets and reposts them in the system but with a different, malicious URL.
4. Trending Subjects Spam:
Trending subjects spam searches for hot topics on Twitter (like Michael Jackson’s death) and posts similar tweets with different, malicious URLs.
5. Following Spam:
Following spam happens when a user’s profile receives a lot of followers he/she doesn’t know. If the user does not start following them back within a week, they stop following the user. Statistics show that one in two users will follow back. Usually these profiles are bots which are programmed to acquire as many followers as possible before they can start broadcasting spam.
Fortunately, Twitter users can protect themselves from falling into spam traps by following five tips:

1. Install a comprehensive security solution on your computer - preferably a suite containing antivirus, firewall and a phishing filter.
2. Follow the spam profile on Twitter: http://twitter.com/spam. Users can find good advice here. For example, a recent post states: "If you gave your login and password info to TwitViewer, we strongly suggest you change your password now. Thanks!"
3. Don’t click on all the links you receive.
4. Disable the "auto followback" option. This will allow you to pick and chose who you want to follow.
5. Make sure you know who you are following.
Cosoi adds, “By following these simple tips, users of social networking sites like Twitter can protect themselves from spammers and other cyber criminals.” For more information on how to protect yourself from Twitter and other social networking sites, please download our “BitDefender Offers Twitter Spam Protection Tips” podcast or visit the BitDefender website at www.bitdefender.co.uk

About BitDefender®
BitDefender is the creator of one of the industry's fastest and most effective lines of internationally certified security software. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention, emerging as the industry’s anti-malware innovator. Every day, BitDefender protects tens of millions of home and corporate users across the globe — giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. For more details, please visit www.bitdefender.com

ABOUT THE AUTHOR
AbhiShek SinGh
Founder of 'TheHackingArticles'. Cyber Security Analyst, Cyber Security Researcher, and Software Engineer. Follow 'AbhiShek SinGh' on Facebook , Twitter or Google+ or via Email

Subscribe to stay up to date