Data443 & Cyren
Products
- - - Products
    - For OEMs
    - Malware Detection
    - Malware Analysis
    - URL Categorization
    - Email Security
    - Threat Intelligence
    - For Enterprises
    - Malware Analysis
    - Inbox Security for Office 365
    - Threat Intelligence
  - - In the News
      
      Online Businesses Become a Phisher’s Playground
      Not nearly enough businesses have deployed sufficient security measures against phishing attacks through website builders and CMS platforms.Read Article on DarkReading >
      
      Go to Newsroom >
Solutions
- - - Expert Support
      
      Cyren’s dedicated security analysts have the expertise to deeply investigate sophisticated threats – their embedded documents and messy code.
      
      And from their vantage point across companies, geographies, and industries, analysts can track emerging attack vectors and prevent breaches.
      
      “For any false positive or user reported items, we do not need to be involved. Cyren’s dedicated team is on top of all these items.”
      
      via Gartner Peer Insights
Resources
- - - Recent Posts
      - Analyzing behavior to protect against BEC attacks December 22, 2022
      - Using NLP techniques to protect against BEC attacks December 8, 2022
      - Phishing with QR codes December 1, 2022
Company
- - - Company
    - About Cyren
    - Careers
    - Management
    - In the News
    - Contact Us
  - - In the News
      
      Online Businesses Become a Phisher’s Playground
      Not nearly enough businesses have deployed sufficient security measures against phishing attacks through website builders and CMS platforms.Read Article on DarkReading >
      
      Go to Newsroom >
BOOK A DEMO

Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

More fake Twitter emails lead to Easter “specials”

It’s been over a month since we wrote about fake Twitter email messages, and if it worked once for scammers/spammers, they’ll certainly try it again. Commtouch labs is seeing large quantities of – you guessed it – fake Twitter email messages, similar to the one here:

How can the uninitiated determine that it’s not a real message from microblogging service Twitter? Well, the typo in the subject and body give the first clue (it should say “2 direct messages” not “message” in the singular – but that’s just petty). The really easy way to tell is to simply mouse over the “twitter” URL and look for the real URL that will show up either at the bottom of the window, or right over the cursor, depending on your email program. If the real URL is not a Twitter URL, then it’s definitely a scam.

I can’t even tell you what this particular message was trying to get from its recipient since by the time I clicked the link — less than 24 hours after it had been received — the link was already dead. Past fake Twitter messages have been pharmacy spam, but since the site was already taken down it may have been phishing. A short-lived landing page is also a surefire sign that the email is not legit. Real web sites typically keep their landing pages around for a long time — practically forever, in fact — since no marketer wants to take the chance that someone will open their mail several weeks after its been sent and execute the sought-after act of clicking through, and then have this enchanted potential customer land on a non-existent page. Spammers, phishers and scammers, however, are always trying to outrun security software and the law, and one of the ways they try to do so is to keep their sites up for a very short time. The flood inboxes with messages linking to the ephemeral spam/scam/phish landing page, and anyone that they can convince to click through in the short time the page is live, clicks, anyone after that short time the site is taken down has been saved from the scam or pharmacy/replica site simply by being slow to open their email.

Update: 26 April

We found a live site from the continuing attacks – as before the Twitter notifications lead to pharmacy sites such as the one shown below (note the Easter branding).

Apr 21, 2011 | Security Research & Analysis

Categories

You might also like

Analyzing behavior to protect against BEC attacks

Business Email Compromise

Understanding “normal” behaviors in email exchanges are key to combating advanced phishing and BEC attacks by John Stevenson Detecting Business Email Compromise (BEC) In the final part of our series of blogs on Business Email Compromise (BEC), it’s time to look at how...

Using NLP techniques to protect against BEC attacks

Business Email Compromise, Office 365, Phishing

How Natural Language Programming help combat phishing and BEC attacks by John Stevenson Business Email Compromise (BEC) Business Email Compromise (BEC) covers a range of email attacks that typically share a common core attribute. There is no obvious executable...

Phishing with QR codes

Phishing, Security Research & Analysis

Don’t Scan or be Scammed By Maharlito Aquino, Kervin Alintanahin and Dexter To In 1994, a type of the matrix barcode known as the Quick Response code, now widely known as QR code, was invented by Masahiro Hara from a Japanese company Denso Wave. The purpose of the...