Spam messages on Twitter spread fake antivirus

Spam campaigns on Twitter are quite common, and they are not necessarily due to platform flaws but rather to the carelessness of users who compromise their accounts on phishing pages. Once this happens, all kinds of spam messages are sent automatically to deceive more people, infect computers or promote products.

In the last few hours Kaspersky detected a campaign that spread fake antivirus software through malicious .tk and .tw1.su links.

Victims who clicked ended up on pages prepared with BlackHole, a sophisticated exploit kit designed to infect computers, and with classic fake antivirus alerts that simulate a system scan and then offer a fake program for download.

What do they gain by doing this? Well, they don't do it for fun or because they are bored, but because in this illegal way they can earn large amounts of money. Every time a victim installs a fake antivirus, they earn a commission paid by an affiliate system that operates under the cover of anonymity.

I recently discussed the case of a professional cybercriminal who in less than a month had infected 40,000 computers with fake antivirus programs, earning $17,000 in profits. If you want to know more about the operation of this dirty and illegal business, I recommend reading a report from Panda that I commented on here; it was published in 2009, when the market for fake antivirus was at its peak.

Returning to the subject of Twitter, the official @safety account, which is dedicated to publishing security notices, constantly reminds us to be careful with the links we follow and the pages where we enter our password. It is worth following to stay on top of the latest threats.

Finally, if your account is compromised, that is, you detect that spam messages are being sent from it, you must change your password immediately and check the applications you have installed, revoking access for any that look strange.

See also: Beware of fake RTs (fake retweets). Searching for models on the internet can be dangerous.