Dec 12, 2010 13:20 GMT  ·  By

Spammers are trying to capitalize on the Twitter WikiLeaks buzz by sending out fake emails that purport to come from the microblogging site and direct users to rogue online pharmacy sites.

The email is very well crafted, containing a fake version of the headers which Twitter is adding,” warns Sorin Mustaca, a data security expert at German antivirus vendor Avira.

The spammers also make use of Twitter’s real email template, which includes its logo, color scheme and disclaimer, in order to add credibility to the fake messages.

The emails bear a subject of “WikiLeaks on Twitter!” and read “Hello, Twitter-er! [date] @WIKILEAKS on Twitter! http://twitter.com/WIKILEAKS/[CENSORED].” They are signed by “The Twitter Team.”

Instead of leading to WikiLeak’s Twitter account, the included link takes users to rogue online pharmacy websites pushing the usual male enhancement pills.

WikiLeaks and the leaked U.S. Department of State cables are such a hot topic in the world right now that this kind of attacks were bound to happen.

Cyber criminals hardly ever miss a chance to exploit an event attracting considerable public interest, whether it’s the death of a celebrity, a natural disaster or a major holiday.

In fact, just days ago we reported about a wave of rogue emails citing fake breaking news and purporting to come from WikiLeaks.

The included links sent recipients to a Java-based malware downloader, whose purpose was to install a backdoor on their computers.

Another type of attack to watch out for during this period, aside from the email-based ones, is black hat search engine optimization (BHSEO). This involves poisoning search results for WikiLeaks-related keywords by artificially increasing the PageRank of malicious links.

Users are advised to be very cautious when dealing with emails that contain links, even when they appear to originate from known sources. Also, buying from spam sites, especially those selling unregulated drugs, carries a great health risk.

Photo Gallery (2 Images)

Spammers trick users with links to WikiLeak's Twitter account
Fake Twitter email
Open gallery