New spam wave hits Twitter: "Get bigger and have sex longer"

Filed Under: Phishing, Social networks, Spam, Twitter, Video

Many Twitter users still haven't got over this weekend's BZPharma LOL phishing attack, and now a new campaign is being spammed out from compromised accounts directing users to a site selling herbal viagra to improve sexual performance.

Get bigger and have sex longer tweet

A typical spam message reads:

Get bigger and have sex longer. go here http://example.com/?rid=http://callbling.com

where 'example.com' can vary.

Clicking on the link redirects users to a website called callbling.com. It doesn't take a rocket scientist to work out what they're trying to sell to you..

Callbling spam-advertised site

I'm afraid that the only thing which might get bigger is the spammers' bank accounts.

My suspicion is that the accounts sending out the spam message will include many of the sites that were compromised in the earlier BZPharma LOL phishing attack which has been such a big problem on Twitter over the weekend.

As before, the spam messages aren't just being sent via direct message (DM). They are also appearing on public profiles, possibly because of third party services such as GroupTweet automatically republishing DMs.

If you see any unusual messages being posted from your Twitter account, please please change your password as soon as possible.

And don't forget how your account got hacked in the first place. It was probably an attack like the one described in this YouTube video:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

Update: Ed Miliband, British MP and Secretary for Energy and Climate Change, is the latest high profile Twitter user to have had his account broken into hackers, much to the bemusement of onlookers.

, , , , ,

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.