The company says that around 7,000 accounts have been hijacked for this spam run

Sep 10, 2013 08:19 GMT  ·  By
Shady Garcinia Cambogia diet site requests personal and financial information

Over the past few days, a large number of HootSuite accounts have been hacked and abused to spread links to shady miracle diet websites.

The hacked HootSuite accounts, including ones of celebrities, are used to send out messages on Twitter that read something like this: “get a free groupon of pure garcinia cambogia, according to groupon this stuff is great to stay healthy! [link]”

Another type of message reads: “Pure Garcinia Cambogia Extract:What Do The Reviews Say? The Bethlehem Scoop on Pure Garcinia Cambogia. [link]”

The links from these posts point to two types of websites: bogus weight loss sites that advertise Garcinia Cambogia pills, or a fake Groupon page that offers deals on similar products.

On the fake Groupon website, users who want to claim the so-called deal are taken (via multiple redirects) to a survey page. On this page, they’re promised various prizes if they answer a few questions.

This scam site changes depending on the victim’s location.

In the end, users are instructed to enter their phone numbers. By doing so, they’re actually signing up for paid mobile services that can inflate their bills by up to €50 ($66).

It’s worth noting that the other buttons on the bogus Groupon site point to the legitimate groupon.com domain. This will probably make a lot of users think they’re on the genuine website.

As far as the other Garcinia Cambogia diet websites are concerned, they all instruct users to hand over their shipping and billing details, including name, address, phone number, email address, credit card number, CVV, and expiry date.

According to HootSuite, around 7,000 user accounts (0.1% of the entire user base) have been compromised and abused for this spam campaign.

The company’s representatives have told TechCrunch that their own systems have not been hacked. Instead, the spammers have accessed the accounts after stealing credentials from other websites.

“In this case, the unauthorized users accessed HootSuite through a third-party application using OAuth. In response, we’ve temporarily disabled access to OAuth from the affected third-party online service, and will continue to deploy efforts to keep our users safe,” HootSuite stated.

The company advises impacted users to change their usernames and passwords to prevent further abuse.
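The response HootSuite describes above (spot a burst of near-identical spam from many accounts, trace it to the third-party OAuth application that posted it, suspend that application's access, and reset the affected accounts) can be reduced to a small triage routine. The script below is an added illustration and is not HootSuite's code or data: the post records, the application names ("acme-scheduler", "hoot-web") and the links are constructed for the example, and the campaign markers are taken from the two spam messages quoted in the article.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of outbound posts as a social-media management service
# might log them: (account, ISO timestamp, source application, text).
# The accounts, application names and links are invented for this example.
SAMPLE_POSTS = [
    ("alice", "2013-09-08T10:00:00", "hoot-web",
     "Morning coffee and a long run. Great start to the week!"),
    ("bob", "2013-09-08T10:02:00", "acme-scheduler",
     "get a free groupon of pure garcinia cambogia, according to groupon this "
     "stuff is great to stay healthy! http://example.invalid/deal"),
    ("carol", "2013-09-08T10:05:00", "acme-scheduler",
     "Pure Garcinia Cambogia Extract:What Do The Reviews Say? The Bethlehem "
     "Scoop on Pure Garcinia Cambogia. http://example.invalid/reviews"),
    ("dave", "2013-09-08T10:09:00", "acme-scheduler",
     "get a free groupon of pure garcinia cambogia, according to groupon this "
     "stuff is great to stay healthy! http://example.invalid/deal2"),
    ("erin", "2013-09-08T10:12:00", "acme-scheduler",
     "Pure Garcinia Cambogia Extract:What Do The Reviews Say? "
     "http://example.invalid/reviews2"),
    # Mentions the product but carries no link: a genuine comment, not spam.
    ("frank", "2013-09-08T14:30:00", "hoot-web",
     "I actually tried garcinia cambogia once, it did nothing for me"),
    # A lone spam post via the first-party app: reset the account, but one
    # account is not enough evidence to cut off the whole application.
    ("grace", "2013-09-08T15:00:00", "hoot-web",
     "Pure Garcinia Cambogia Extract review http://example.invalid/x"),
]

# Campaign markers drawn from the messages quoted in the article.
CAMPAIGN_PATTERNS = [
    re.compile(r"garcinia\s+cambogia", re.IGNORECASE),
    re.compile(r"free\s+groupon", re.IGNORECASE),
]
LINK_RE = re.compile(r"https?://\S+")


def is_campaign_post(text):
    """A post counts as campaign spam only if it both matches a marker and carries a link."""
    return bool(LINK_RE.search(text)) and any(p.search(text) for p in CAMPAIGN_PATTERNS)


def campaign_posts(posts):
    return [p for p in posts if is_campaign_post(p[3])]


def apps_to_suspend(posts, window=timedelta(minutes=60), min_accounts=3):
    """Return source applications through which at least `min_accounts` distinct
    accounts posted campaign spam inside any `window`-long period."""
    by_app = defaultdict(list)
    for account, ts, app, _text in campaign_posts(posts):
        by_app[app].append((datetime.fromisoformat(ts), account))
    suspects = []
    for app, events in by_app.items():
        events.sort()
        # Sliding window anchored at each event: distinct accounts seen from
        # that event until `window` later.
        for i, (start, _) in enumerate(events):
            accounts = {acct for t, acct in events[i:] if t - start <= window}
            if len(accounts) >= min_accounts:
                suspects.append(app)
                break
    return sorted(suspects)


def accounts_to_reset(posts):
    """Every account that emitted campaign spam, regardless of source app."""
    return sorted({account for account, _, _, _ in campaign_posts(posts)})


def recommend_actions(posts):
    """Defender's triage output: which OAuth apps to cut off, which accounts to reset."""
    return {
        "suspend_apps": apps_to_suspend(posts),
        "reset_accounts": accounts_to_reset(posts),
    }


if __name__ == "__main__":
    print(recommend_actions(SAMPLE_POSTS))
```

The link requirement keeps ordinary conversation about the product (frank's post) out of the result, and the per-application threshold separates an abused third-party integration (four accounts in ten minutes through "acme-scheduler") from a single compromised account posting through the first-party client, which gets a password reset but does not trigger a suspension.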

Photo Gallery (4 Images): Shady Garcinia Cambogia diet site requests personal and financial information; Fake Groupon website; Survey site