Sophos releases top tips to defend against ’spitters’
January 2009 by Sophos
Sophos is advising Twitter users to be vigilant of suspicious accounts that have been using the service to build up databases of contacts in order to spread their spam messages. These spam accounts are recognisable as they tend to follow very large numbers of similarly named Twitter profiles.
More information, and a video capturing evidence of a suspicious Twitter spammer account can be found here:
http://www.sophos.com/blogs/gc/g/2009/01/26/video-twitter-spammer
The video demonstrates how Sophos’s Graham Cluley was alerted by a Twitter account that was also following over a hundred other users, all with user-names containing "Graham" or "Honda".
"The people creating these accounts probably found the usernames by simply using the Twitter search engine for matching names," said Graham Cluley, senior technology consultant at Sophos. "The accounts do not yet appear to have been used to distribute spam messages, but the intention is clear. When these spam twitterers, or ’spitters’, inevitably use the accounts, it could be solely to unleash spam, or they could try and infect users by sending messages that link to malware. One thing is for certain - no one wants to receive them. Your best advice is to block suspicious followers right away."
To reduce the risk of being exposed to this and other recent malicious activity that has targeted the popular micro-blogging service, Sophos recommends that users observe some simple security tips:
1. Block followers that you suspect of being spam accounts or ’spitters’
2. Report suspicious spam accounts to Twitter by sending a message to the ’@spam’ account
3. Do not click on any links in Twitter updates or messages from suspicious user accounts - they may lead to malware infected websites
4. Be wary if you are asked to re-enter any login details - Twitter users have had their passwords phished from them by being taken to bogus websites. Even Stephen Fry, one of Britain’s most popular Twitters, has admitted being fooled into clicking on a dangerous link designed to steal his information
5. Choose a non-dictionary password - a Twitter staff account was recently hacked when the password ’happiness’ was guessed - giving hackers access to celebrity Twitter accounts
Sophos recommends that all computer users ensure that their security defences are up to date and patched against the latest hacking, spam and malware threats.