Many Twitter users still haven't got over this weekend's BZPharma LOL phishing attack, and now a new campaign is being spammed out from compromised accounts directing users to a site selling herbal viagra to improve sexual performance.
A typical spam message reads:
Get bigger and have sex longer. go here http://example.com/?rid=http://callbling.com
where 'example.com' can vary.
Clicking on the link redirects users to a website called callbling.com. It doesn't take a rocket scientist to work out what they're trying to sell to you..
I'm afraid that the only thing which might get bigger is the spammers' bank accounts.
My suspicion is that the accounts sending out the spam message will include many of the sites that were compromised in the earlier BZPharma LOL phishing attack which has been such a big problem on Twitter over the weekend.
As before, the spam messages aren't just being sent via direct message (DM). They are also appearing on public profiles, possibly because of third party services such as GroupTweet automatically republishing DMs.
If you see any unusual messages being posted from your Twitter account, please please change your password as soon as possible.
And don't forget how your account got hacked in the first place. It was probably an attack like the one described in this YouTube video:
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)
Update: Ed Miliband, British MP and Secretary for Energy and Climate Change, is the latest high profile Twitter user to have had his account broken into hackers, much to the bemusement of onlookers.
![Password security infomerical leaves Ellen DeGeneres in disbelief.. and it will you too [VIDEO]](http://sophosnews.files.wordpress.com/2013/04/ellen-thumb.jpg?w=75&h=75&crop=1)
![Can multiple moving cursors really hide your password from spyware and peepers? [VIDEO]](http://sophosnews.files.wordpress.com/2013/03/cursors-thumb.jpg?w=75&h=75&crop=1)
