Dangerous Twitter Spam on the Rise

Last month we saw a big increase in "Twitter Spam". The email messages and subject lines are all different, but they all have Twitter "shortener" links in them that go to web sites you don't want to visit. Some anti-spam programs are probably blocking it better than others.

How Twitter Shortener Spam Works

Twitter automatically shortens all links posted in Tweets to cryptic-looking 22-character URLs that begin with "http://t.co/". This helps Twitter users fit their Tweets into the 140-character limit.

Spammers exploit this free service to help them get around antispam programs. They create many different t.co links that redirect to the same few web sites, where their malicious code resides, and the put the links into hundreds or thousands of email messages, hoping unsuspecting users will click them.

How Twitter Spam Works

Email messages with different Twitter shortener links go to the same dangerous web site.

Because the actual destinations of the links are disguised, some antispam programs can't identify the messages as spam and fail to block them.

Current Wave of Dangerous Email

We've seen a huge increase in this type of spam over the past few weeks. There are often hundreds of different t.co links each day redirecting to the same pharmaceutical and pornographic web sites that you do not want to visit.

This type of spam is difficult for some spam filters to identify and block. In the recent wave, the emails came from many different servers that were changing quickly. Typical Bayesian Heuristic programs that use IP filtering (where the spam came from) to block and have to learn new ones, were probably unable to keep up.

This technique can even fool more sophisticated antispam programs. Those that do "URL filtering" (based on links in the emails) without live reviewers probably didn't recognize the t.co links as spam destinations quickly enough, so they might not have blocked the messages for a while, exposing their users to a lot of dangerous spam.

Twitter seems to be reacting quickly, disabling the links not long after they first appear. Given the sheer volume, however, even Twitter cannot take them all down immediately. We're seeing hundreds of different t.co links on some days and some remain active long enough to do their damage. One link to an online "pharmacy" was still active after several hours.

So, the emails that aren't being blocked by your antispam program are posing a risk to your co-workers and your company.

How We Block Twitter Spam

Because we employ multiple types of filters and have 24/7/365 live threat analysts, we are able to respond quickly and filter out nearly all of this dangerous spam.

We block much of this campaign with our unique "pattern" filtering that recognizes tricks spammers use. Our proprietary database of complex patterns is constantly updated to recognize new threats. The moment a new pattern appears, we block it and any other campaigns that use it.

We can also add to our database the shortened URL in the email, so that any future messages trying to get the user to click on it are blocked based on that alone.

Exceptional Anti-Spam and Secure Cloud Email for Business

If you're seeing a lot of spam or too many legitimate emails are being sent to your junk folder, you're wasting time and money every day dealing with this pervasive and dangerous issue.

SpamStopsHere was designed for business. Our live spam review team analyzes and blocks threats 24/7/365, so we can filter out 99.5% of spam and still deliver 99.999% of legitimate email to our customers. It's cloud based, secure and easy to use. There's no additional hardware or software to buy, no maintenance, and no tuning required. Get more info here.

SpamStopsHere and our other secure Cloud email services (hosting, encryption and archiving) also come with 24/7/365 live support.

If a conversation about secure email makes sense for your business, give us a call, chat or email anytime. We're always here. 24/7/365.

www.GreenviewData.com | 800-458-3348 | 734-426-7500 |

"Twitter" and "Tweet" are marks of Twitter, Inc. This article is for informational purposes and is not meant to suggest sponsorship or endorsement by Twitter, Inc.