Nato forwards me a fake Twitter email that pretends to be the alert of a supposed direct message received. Detecting it is simple, as you can see in the following screenshot, all the links point to a site that has nothing to do with Twitter:
Clicking ends up in a fraudulent online pharmacy. The attack is similar to the ones I had recently commented on YouTube and Apple, spammers infect sites and put a code that performs an automatic redirect on access. In this case the code is:
Spam page source code
Like the cases discussed in the Apple post, the infected site has its statistics system open so you can see the visits received by the spam pages. The following are May data:
Statistics of the infected site
Spam pages are cavernous.html, freeway.html and prentice.html, they all have the same source code and redirect to different fake pharmacy sites. In total they received more than 6 thousand visits during the last monthThat is to say, about 6 thousand people clicked on these spam emails.
Thanks born for the delivery.
See also: Beware of fake retwitts. Site infected with 2 million spam pages generated. Your infected computer may be sending 2 spam emails per second.