searchtwitterarrow rightmail strokearrow leftmail solidfacebooklinkedinplusangle upmagazine plus
Help Net Security - Daily information security news with a focus on enterprise security.
Help Net Security - Daily information security news with a focus on enterprise security.
  • News
  • Features
  • Expert analysis
  • Videos
  • Reviews
  • Events
  • Whitepapers
  • Industry news
  • Product showcase
  • Newsletters
Zeljka Zorz
Zeljka Zorz, Editor-in-Chief, Help Net Security
March 21, 2017
Share

Offer of nude celeb photos turns Twitter users into spammers

If not careful, Twitter users who are dead set on seeing nude photos of WWE star Paige will end up on marketers’ spam lists and with their own Twitter account pushing out messages leading other users to the same scam they fell for.

How the scam unfolds

The road to compromise starts with tweets offering the aforementioned photos and videos, and a bit.ly (shortened) link. Some of the tweets note in advance that the user will have to “Acept (sic) the App First”.

Users who follow the link – and so far nearly 7,000 users did – will land on a page that requires them to enter their Twitter username and password to authorise an app named “Viral News” to use their Twitter account:

nude celeb photos Twitter spammers

It is written plainly that the app will be able to post tweets on behalf of the user, but apparently that doesn’t worry many of them, although it should. As they are redirected to another web page once the app is installed, the app immediately begins tweeting from the victim’s account.

In the meantime, the user is redirected through several sites, and ultimately lands on an Amazon themed survey gift card page. He is instructed to enter his name and email address to be finally able to see the photos.

Malwarebytes’ Chris Boyd does not say whether, in the end, the user gets to see the photos or not. What is certain is that they have become a small cog in the machine that perpetuates this type of scam.

“As freshly leaked pictures and video of celebrities continue to be dropped online, so too will scammers try to make capital out of image-hungry clickers,” Boyd notes.

“Apart from the fact that these images have been taken without permission so you really shouldn’t be hunting for them, anyone going digging on less than reputable sites is pretty much declaring open season on their computers. Do yourself a favour and leave this leak alone. It probably won’t be long before the Malware authors and exploit slingers roll into town.”

More about
  • account hijacking
  • spam
  • Twitter
Share this

Featured news

  • A bug revealed ChatGPT users’ chat history, personal and billing data
  • Known unknowns: Refining your approach to uncategorized web traffic
  • Prioritizing data security amid workforce disruptions
How to protect online privacy in the age of pixel trackers

Sponsored

Webinar: Tips from MSSPs to MSSPs – starting a vCISO practice

Security in the cloud with more automation

CISOs struggle with stress and limited resources

How to scale cybersecurity for your business

Don't miss

BEC scammers are after physical goods, the FBI warns

A bug revealed ChatGPT users’ chat history, personal and billing data

Known unknowns: Refining your approach to uncategorized web traffic

Prioritizing data security amid workforce disruptions

CISA releases free tool for detecting malicious activity in Microsoft cloud environments

Cybersecurity news
Help Net Security - Daily information security news with a focus on enterprise security.
© Copyright 1998-2023 by Help Net Security
Read our privacy policy | About us | Advertise
Follow us