Twitter Spam Campaign Exploits CNN Vulnerability
A campaign that takes advantage of vulnerabilities on the CNN website is flooding Twitter users with diet spam, according to eHackingNews. Cyber-criminals exploit the open redirect flaw to post spam messages that look like they’re coming from the reputable news organization.
“I love myself even more after I started your diet porgram [link]”, another message reads. “Yahoo made an article about how amazing your new diet program is!! You look amazing.”
Spammers made grammar mistakes to avoid antispam filters and gained users` trust by associating the scam with a renowned company. Because the request goes to the CNN website, the URL filtering doesn`t block access to the malicious websites.
According to eHackingNews, a similar security vulnerability might also be exploited in Yahoo. This is not the first time CNN is targeted by cyber criminals. Three years ago, scammers managed to exploit the same flaw in “ads.cnn.com”.
Open redirects are applications that take a parameter and redirect users to its value without validation. Exploiting vulnerabilities in open redirects allows cyber-criminals to make users visit their own website, without noticing.
Due to its increasing popularity, Twitter is targeted more often by cyber-criminals and social engineers. Recently, a popular hashtag on the micro-blogging platform started to be abused for phishing and identity theft.
After a series of high-profile hackings, the company announced two-factor authentication in May, including mobile phones in the verification processes.
What is medical identity theft and how to protect against it
July 27, 2022
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021
June 22, 2022
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data
May 24, 2022