Abusing automated email notifications

As popular as Twitter is, I’ve never been able to fully grasp the whole Twitter phenomenon. I’ve set up an account and have a few friends I’m following, but other than that I’ve logged into the account less than a dozen times. For some reason, though, when I opened my mailbox this morning and saw the automated email informing me that I had a new follower, I couldn’t help but feel excited and had the urge to log in to see who it was.

When the page loaded, a few things seemed a little suspicious to me. For one, it had been nearly 20 minutes since I originally received the email, and according to the email IrisWelch was following 220 people. When I first loaded the page on Twitter she was following around 400 people. That number continued to rise as I wrote this blog post and seems to have stopped at 603. Another thing that seemed suspicious was that a majority of the people she was following had the default Twitter image as their photo. You would think someone who was serious about their Twitter would follow like-minded people who had uploaded their own images. Lastly, the text, as amusing as it is, makes absolutely no sense whatsoever and also contains a tinyurl.com link.

[Screenshot: Twitter profile of IrisWelch692]

Sure enough, if you visit the tinyurl.com link it redirects you to http://www.w3t.org/Tommy222, which is another URL shortening service; that in turn redirects you to a site called XXX Black Book, an adult dating site very similar to Adult Friend Finder.

In this case it doesn’t seem like anything malicious was being done; it was really just abuse of Twitter’s automated email notifications, using them as a way of sending a sort of spam to get people to log in and check out this person’s profile. A lot of people wouldn’t give it a second thought and would click the link, only to find themselves at an adult dating site, or wherever else the spammer chose to link us to.
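The three tells described above (a following count that keeps climbing between the email and the page load, mostly default-avatar follows, and a shortener link in the profile text) can be turned into a simple triage check. This is an added example, not code from the original post or from Twitter; the shortener list, thresholds, snapshot fields and sample data are constructed assumptions.

```python
"""Triage a 'new follower' notification using the post's three signals: following
count still climbing between email and page load, mostly default-avatar follows,
and a URL-shortener link in the profile text. All sample data is constructed."""
import re
from dataclasses import dataclass
from urllib.parse import urlparse

SHORTENER_HOSTS = {"tinyurl.com", "w3t.org", "bit.ly"}  # constructed sample list
URL_RE = re.compile(r"https?://\S+")

@dataclass
class FollowerSnapshot:
    name: str
    following_in_email: int          # count printed in the notification email
    following_on_page: int           # count seen when the profile was loaded
    minutes_elapsed: float           # time between the two observations
    followed_default_avatar: int     # followed accounts still on the default image
    profile_text: str

def shortener_links(text):
    """URLs in text whose host (minus a leading 'www.') is a known shortener."""
    hits = []
    for url in URL_RE.findall(text):
        host = (urlparse(url).hostname or "").lower().removeprefix("www.")
        if host in SHORTENER_HOSTS:
            hits.append(url)
    return hits

def triage(snap, growth_per_min=2.0, avatar_ratio=0.5):
    """Return the suspicious signals that fired; an empty list means none did."""
    reasons = []
    delta = snap.following_on_page - snap.following_in_email
    if snap.minutes_elapsed > 0 and delta / snap.minutes_elapsed >= growth_per_min:
        reasons.append(f"following count rose by {delta} in {snap.minutes_elapsed:g} min")
    if snap.following_on_page > 0:
        ratio = snap.followed_default_avatar / snap.following_on_page
        if ratio >= avatar_ratio:
            reasons.append(f"{ratio:.0%} of followed accounts use the default avatar")
    links = shortener_links(snap.profile_text)
    if links:
        reasons.append("profile text links to a shortener: " + ", ".join(links))
    return reasons

# Constructed snapshots: the first mirrors the post's counts (220 in the email,
# 400 some 20 minutes later); the avatar count and link path are made up.
SUSPICIOUS = FollowerSnapshot("IrisWelch", 220, 400, 20, 300,
                              "lol u have to see this http://tinyurl.com/EXAMPLE")
BENIGN = FollowerSnapshot("colleague", 150, 151, 20, 10,
                          "Security engineer, posts at https://example.org/blog")
```

Calling `triage(SUSPICIOUS)` returns all three reasons, while `triage(BENIGN)` returns an empty list.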

Of course there’s always the possibility of an exploit, as we’ve seen in the past where simply visiting a person’s profile could infect you. There are plugins such as NoScript for Firefox that help protect against that sort of thing. Just be mindful that even though the email came from a trusted source (Twitter in this case, though most social networking sites have a similar email feature), the reason it was sent can still be driven by a person with malicious intentions.