What is the Twitter spam invasion? And how can you prevent it?

Here's a release sent to me recently! Reproduced here for readers.

UK: With the popularity of social networking platforms such as Twitter on the rise, cyber criminals have found an easy target among unsuspecting users. BitDefender offers advice on how Twitter users can avoid falling prey to some of the most common tricks regularly employed by hackers.

One of the biggest spam related security problems facing Twitter are the many link-shortening services utilized for hyperlink posting. Users are limited to 140 characters per tweet; these URL-shortening services allow tweeters to post a longer link under such tight character limitations.

Hackers use these link-shortening services to disguise malicious links. Some infections could be easily prevented by allowing users to see the real URL before clicking on it.

BitDefender’s senior antispam researcher Catalin Cosoi says, “Another big problem is the fact that search engines, such as Google, index Twitter profiles. This allows malicious pages that are built and marketed with good social engineering tactics to end up high in the rankings. Additionally, because Twitter messages are so short lived, users could unknowingly send spam messages without having the opportunity to notice that someone else is using their account.”

Some of the common types of Twitter spam include:
1. Tweet spam: Tweet spam comes from someone a user is currently following and everyone following that user will see the tweet.

2. Direct Message: A direct message comes from someone a user is currently following and only the user will see the message.

3. ReTweet Spam: ReTweet spam searches for legitimate tweets and reposts them in the system but with a different, malicious URL.

4. Trending Subjects Spam: Trending subjects spam searches for hot topics on Twitter (like Michael Jackson’s death) and posts similar tweets with different, malicious URLs.

5. Following Spam: Following spam happens when a user’s profile receives a lot of followers he/she doesn’t know. If the user does not start following them back within a week, they stop following the user.

Statistics show that one in two users will follow back. Usually, these profiles are bots which are programmed to acquire as many followers as possible before they can start broadcasting spam.

Fortunately, Twitter users can protect themselves from falling into spam traps by following five tips:

1. Install a comprehensive security solution on your computer - preferably a suite containing antivirus, firewall and a phishing filter.

2. Follow the spam profile on Twitter: http://twitter.com/spam. Users can find good advice here. For example, a recent post states: "If you gave your login and password info to TwitViewer, we strongly suggest you change your password now. Thanks!"

3. Don’t click on all the links you receive.

4. Disable the "auto followback" option. This will allow you to pick and chose who you want to follow.

5. Make sure you know who you are following.

Cosoi adds: “By following these simple tips, users of social networking sites like Twitter can protect themselves from spammers and other cyber criminals.”