With the popularity of social networking platforms such as Twitter on the rise, cyber criminals have found an easy target among unsuspecting users. BitDefender, the leading provider of innovative anti-malware solutions, offers tips on how Twitter users can avoid falling prey to some of the most common tricks regularly employed by hackers.
One of the biggest security problems facing Twitter as it relates to the spread of spam and malware are the many link-shortening services utilized for hyperlink posting. Users are limited to 140 characters per tweet; these URL-shortening services allow tweeters to post a longer link under such tight character limitations. Hackers use these link-shortening services to disguise malicious links. Some infections could be easily prevented by allowing users to see the real URL before clicking on it.
"Another big problem is the fact that search engines - especially Google - index Twitter profiles. This allows malicious pages that are built and marketed with good social engineering tactics to end up high in the rankings," said Catalin Cosoi, BitDefender senior antispam researcher. "Additionally, because Twitter messages are so short lived, users could unknowingly send spam messages without having the opportunity to notice that someone else is using their account."
Some of the common types of Twitter spam include:
1. Tweet spam: Tweet spam comes from someone a user is currently following and everyone following that user will see the tweet.
2. Direct Message: A direct message comes from someone a user is currently following and only the user will see the message.
3. ReTweet Spam: ReTweet spam searches for legitimate tweets and reposts them in the system but with a different, malicious URL.
4. Trending Subjects Spam: Trending subjects spam searches for hot topics on twitter (like Michael Jackson's death) and posts similar tweets with different, malicious URLs.
5. Following Spam: Following spam happens when a user's profile receives a lot of followers he/she doesn't know. If the user does not start following them back within a week, they stop following the user. Statistics show that one in two users will follow back. Usually these profiles are bots which are programmed to acquire as many followers as possible before they can start broadcasting spam.
Fortunately, Twitter users can protect themselves from falling into spam traps by following five tips:
1.Install a comprehensive security solution on your computer - preferably a suite containing antivirus, firewall and a phishing filter.
2. Follow the spam profile on Twitter: http://twitter.com/spam. Users can find good advice here. For example, a recent post states: "If you gave your login and password info to TwitViewer, we strongly suggest you change your password now. Thanks!"
3. Don't click on all the links you receive.
4. Disable the "auto followback" option. This will allow you to pick and chose who you want to follow.
5. Make sure you know who you are following.
"By following these simple tips, users of social networking sites like Twitter can protect themselves from spammers and other cyber criminals," added Cosoi.