Tag Archives: spam

Twitter spam phishing continues

Published by:

twidowThere is a new Twitter phishing scam making the rounds, and this one is spreading quickly via direct message, wrote by Ben Parr on Mashable.com in October.

Indeed, when using Twitter, I have noticed a lot of DMs in my inbox containing weird messages accompanied by a short URL. Twitters @SPAM acount wrote a few days ago: Getting weird DMs? Probably due to phishing. Don’t go to the links sent in the DMs or give out your login & PW! It seems like the problem is spreading.

The phishing and spamming on Twitter is going on since January! Typical messages look like hi, find out if your iq is higher here http://pei****e.info or you’re on here lol http://v***tter.dfhjkdh.com. They know just how to get you curious enough to click the link, so it’s best to refrain from clicking any link in your DMs for a while. The link takes you to a Twitter login page. If you enter your password, rogue spammers abuse your twitter account to send private messages to you followers, possibly infecting them too. So don’t do it!

If you think some application is sending DMs in without your permission, look to revoke the permission rogue apps have at http://twitter.com/account/connections and change your password at http://twitter.com/account/password.

Twitter says: We’re working to reset PWs and notify users w/affected accounts in the meantime (but feel free to change your PW if worried!)

More on twitter phishing here:
http://mashable.com/2009/10/28/warning-new-twitter-phishing-scam-spreading-via-direct-message/

Fight spamblogs, sites and malicious code

Published by:

A few days ago I encountered a few links that led to sites distributing malicious code. Luckily my Firefox is protected with NoScript , a cool and versatile firefox plugin to simply disable javascript, or parts of it.

Besides protecting oneself, one could decide to report the misbehaves. It’s quite an easy and fun process, which I will explain now.

If the site tries to install malicious code, we may report it to Google. Google tries to protect it’s users from malicious sites, by removing their links from the search results. To do this, Google provides an easy form where we can write down the websites URL.

If you want to go a step further, you could try to ask the service provider to take down the site. This is the most rewarding part. Malicious sites are often hosted in so called shared environments, on a server hosting many different sites. The company maintaining these servers will most definitely not appreciate that one of his clients is abusing the service by distributing malware or spam. A simple mail will get his attention and swift action.

To contact him, we need his e-mail. Almost every service provider maintains a so called “abuse” address where you can report abuse. To find that address, you first need to discover what server the malicious site is running on. You can do that by pinging the address, or to query a whois database. Domaintools is a good whois server to start. Fill in the domain of the offending site, and it will give you the IP address of the server (yellow rectangle in picture 1). Click on the little W (Whois) besides the IP address. Another page opens (picture 2) giving you all the information about the server running the malicious site. Find the abuse address (yellow rectangle) or any address that could lead to the server admin.

If you have all that, launch your mail client and report the offending website. Include IP number of the server(s), the domain name, the full URL address to the offending website, a brief explanation of what’s going on and of course your friendly thanks. Always be polite.. The ISP is your friend.

If lucky next hour or day the offending site will be offline. 😛

Bad Behavior has blocked 1016 access attempts in the last 7 days.