Compromised Twitter accounts spam out money-making adverts

Filed Under: Phishing, Social networks, Spam, Twitter

Compromised Twitter accounts are once again being used by criminals to spam out adverts to unsuspecting users.

In the latest attack, Direct Messages (DMs) have been sent between Twitter users promoting a "make money fast" website.

A typical message looks like this:

Twitter spam message

I made $XXX today - check out how I made it

(In the examples we have had reported to us, the amount of money has varied)

Clicking on the link takes the unsuspecting recipient to a website which claims, in breathless tones, to help single mothers and teenagers to make "thousands of dollars" every day.

Website promoted by Twitter spam message

The likelihood is, however, that all that will happen is that you end up out of pocket if you invest in the site's Home Wealth Formula.

Interestingly, the website tries to attempt to customise its content to appear more attractive to you. For instance, I visited the site from Sophos's British HQ in Abingdon, Oxfordshire, and the website duly described itself as the "Abingdon Business Journal" (no such publication really exists).

But although it is trying hard to make its content more attractive to me, by pretending to be a report from my doorstep, it hasn't gone to the effort of claiming i can earn British pounds rather than US dollars. The scammers just haven't thought this through, have they?

Nevertheless, there will no doubt be Twitter users who trust DMs sent to them by their friends and may click on the link, and some of them may be tempted to sign-up for the scheme.

But what if you own one of the Twitter accounts which is spamming out the messages?

It seems likely that your account has been compromised as a result of one of the recent phishing attacks which have struck Twitter users.

Twitter phishing page

Aside from changing your password, it would also make sense to scan your computer with an up-to-date anti-virus and check that you have the latest security patches in place.

If you want to be kept up-to-date on the latest security threats on Twitter and elsewhere on the net, follow me on Twitter.

Update: Thanks to Naked Security reader Eric, who brought to my attention that the spam messages are also being sent as classic messages, not just DMs.

Here's an example:

Spam tweet

, , , , ,

You might like

3 Responses to Compromised Twitter accounts spam out money-making adverts

  1. Gentry H · 1518 days ago

    I have this strain, I believe it is coming from malware on my Android phone. Added a mobile firewall (droidwall) and the messages stopped posting. Relaxed the firewall and they resumed. Trying to pin down which app specifically, but due to the random nature of the post timing, it's a slow process turning apps back on.

    Also, I haven't had any DM activity, all classic posts. This started for me Aug 5th.

    • DePingus · 1516 days ago

      I have this issue as well on an old unused twitter account. Started June 30th. I don't have any twitter stuff on my Android phone (if fact, I didn't have an Android phone until a few months ago). All of the messages are regular posts via Twitter's Mobile Web API.

  2. fin · 1038 days ago

    Yep this happened to me too. No idea how it happened, never signed up for anything. Im changing my info now...

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley