The topic free iPhone is spreading wildly on Twitter right now, thanks to a massive spam campaign. A whole raft of shortened links from a whole range of link-shortening services are used in the bogus tweets – these redirect to a variety of shonky money-making sites.
This sort of activity often flies under the banner of “affiliate marketing”. Sadly, this is sometimes a euphemism for a site which aims to make money out of other people by unholy means.
A better banner for this sort of site might be: “A web page with links alluding to offers from major brand names, which in turn lead you to survey sites or online product pitches unrelated to those major brands, from which the owner of the original link earns commission.” The major brands earn nothing. Indeed, they aren’t involved at all, other than to “lend” their name unknowingly to the exercise.
In this latest Twitter storm, many of the accounts seem to have been set up just for the purpose of short-term spamming. This sort of account is often very obvious: it was set up recently, has no followers and no-one following it, and has never posted enything personal, or even moderately human-like. Such accounts easily fail the Turing test.
Other accounts involved in this spam campaign appear to be genuine accounts, typically little used – perhaps set up in a fit of enthusiasm for Twitter, only to be abandoned by the sort of user who never quite reaches the level of self-importance to keep up the effort of sending 140-character sound-bites about the trivia of his life. These accounts are more believable, because they have at least a small amount of history, a few followers, and some personal-sounding posts.
Here are some suggestions:
* Imagine a wise old owl on your shoulder, asking you questions. HAVE YOU EVER MET ANYONE WHO WON A FREE IPHONE OR IPAD ONLINE? HAVE YOU EVER EVEN HEARD A BELIEVABLE STORY OF SOMEONE WHO DID? DID YOU EVER GET THAT MONEY FROM THE GHANAIAN PRINCELING? (I thought not.)
* Remember the phrase “bait-and-switch“. If you see a link which promises you a free iPhone (the bait), the details and conditions explaining exactly how you win, and what chance you have of winning, should appear clearly, believably and honestly as soon as you click the link. If they do not, it’s a trick (the switch).
* If you have old accounts for services you no longer find interesting, or don’t use much any more, don’t just abandon them. Close them down. Genuine accounts to which you don’t pay much attention are valuable commodities on the cybercriminal underground. They have credibility which freshly-created accounts do not, and you probably won’t notice they been taken over.
* Watch the video made by Naked Security’s irrepressible Graham Cluley on how to choose a strong password.
(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like.)