
If you get an email purporting to come from Twitter suggesting that you have forgotten your password, even though you know exactly what it is, you will not be alone. It would appear that around 55,000 people have already received these fake notifications which, as you may have guessed, are spam laced with malicious links.

The Websense Security Labs ThreatSeeker Network warns that the spam contains a link to a compromised site which attempts to download a malicious executable named password.exe. That file is in fact another rogue AV application, this one identified as Protection Center Safebrowser.

The payload is somewhat more mature than most rogue AV scams in that it will display some of the malware files it installs on the user's desktop, making it obvious that the computer has been infected - and so making the attack notification, which by then looks not so fake after all, more believable.

Still, anyone with a modicum of common sense should be safe enough as they won't click through the links in an email telling them they have forgotten their Twitter password when they have not. The usual advice for those who are a little hard of thinking when it comes to matters of online security applies: always connect directly to the website concerned, or send a new email to customer support, rather than click links in any unsolicited email that arouses suspicion.


Unfortunately, the spammers know that some people will click. Even with a CTR of 3%, which is the industry norm for links in emails, it is still about 1500. This is significant.


It's a social engineering trick: the user gets an official-looking email telling them they can reset their password as requested by following a link, the user thinks someone has been trying to access their account and decides to reset the password just in case.

It will also catch those busy or security-dumb folk who quickly scan an official-looking password reset email and click the link without even thinking.

As InsightsDigital says, the click through rate may be low but you only need a few people to fall for any given malware scam and the numbers soon start adding up.


Unfortunately, this happens more often than one would think - it happens with LinkedIn, AOL, Amazon, etc. That is why it is really important to look at the address of the redirect - not the address the email claims it will take you to.
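A check that automates the advice above, comparing the host an email link displays with the host its href actually points to, added here as an example and not part of this thread or of Websense's report; the sample email body and the compromised-site.example host are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class _AnchorCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _host(s):
    """Host named by a URL or bare domain, lowercased; '' if s is not URL-like."""
    s = s.strip()
    if not s or any(c.isspace() for c in s):
        return ""
    if "://" not in s:
        s = "http://" + s
    return (urlparse(s).hostname or "").lower()


def find_mismatched_links(html):
    """(href, text) pairs whose visible text names a host other than the href's host
    or one of its parents; text that claims no domain ('click here') is not compared."""
    parser = _AnchorCollector()
    parser.feed(html)
    flagged = []
    for href, text in parser.links:
        shown, actual = _host(text), _host(href)
        if shown and "." in shown and shown != actual and not actual.endswith("." + shown):
            flagged.append((href, text))
    return flagged


# Constructed sample: the first link shows a twitter.com address but points elsewhere.
SAMPLE_EMAIL = """<p>You requested a new password for your Twitter account.</p>
<a href="http://compromised-site.example/password.exe">https://twitter.com/account/resend_password</a>
<a href="https://twitter.com/settings">https://twitter.com/settings</a>"""
```

Run `find_mismatched_links(SAMPLE_EMAIL)` on the sample to see only the first link reported; feeding it a real message's HTML part gives the same mismatch list for that message.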
