Spam with direct messages on Twitter and links to tweets

A few months ago many Twitter users began to have problems with sending links through direct or private messages. Many of us think that it was a security measure to fight spam, which would not be bad, but in reality it was a mistake that for some reason has not yet been solved.

The truth is that some links work and others do not, as if there was a black and white list of allowed domains. Among the allowed domains seems to be their own twitter.com and spammers are taking advantage of it to do their thing.

In the last few hours I received several direct messages sent as spam from contacts who compromised their accounts in some way:

The messages had the same characteristics, they were simply links to tweets from spam profiles that they are using to promote pharmaceutical products:

Another spam profile:

And other:

The links published in these profiles can redirect to different pages, in my case it ended in one like the following:

The technique works because the links arrive by direct message without encountering the Twitter error, but they look very suspicious. Instead of links to tweets they could do something more elaborate and take advantage of other domains that allow more direct redirects, I was carrying out some tests and the Google Drive ones worked for me in all posts, so be careful with that because they seem like secure links by having https and be Google domains, but they can actually redirect us to anywhere.

Twitter also has security filters that block suspicious links that are published in profiles. For some of these spam links I came across the following warning:

Undoubtedly a point in favor of the social network, also spam profiles are usually deleted in a matter of hours if they receive multiple complaints.

Remember:

– Be careful with the links you receive or you find on Twitter, you never know where you can end up.

– Many services allow you to login with Twitter, so when entering your password make sure that the domain is https://twitter.com With https in the beginning and well written, many phishing attacks use domains that look like twitter.com to deceive our eyes.

– Do not install applications in your profile of unknown origin, it is never unnecessary to review the list of installed applications from Settings / Applications and delete those that you no longer use or do not know how they got there.

I hope the information is useful, if you have other tips to protect the accounts do not hesitate to share them.