Security researchers from Sophos warn about a new spam campaign pushing fake Twitter account suspension emails that lead to surveys. The emails bear a subject of "Account Suspension" and have spoofed headers to appear as originating from firstname.lastname@example.org.
The rogue messages bear a resemblance to older Twitter communications and were probably created based on a template.
"Twitter is currently upgrading at this time. We dont want to delete your account. Please Re-verify your account by entering your name, email, or zip by one of our business partners below.
"Click here to complete some free offers. Note All suspended accounts cannot be restored so please complete this offer within 2 days to avoid suspension," they read.
In an attempt to evade spam filters, the spammers crafted the whole email body as an image. There is no text and clicking anywhere on the image takes users to a survey hosted on an external website.
"Well, stop right there - and don't do what the email says, because it's a scam designed to steal your personal information and make money for fraudsters," warns Graham Cluley, a senior technology consultant at Sophos.
The people behind this campaign are using an affiliate marketing program, possibly without the direct knowledge of its owners. Every time a user discloses their personal information and signs up for an offer, the scammers earn a commission for acting as referrers.
This type of scam is very popular on social networking websites; however, it has recently started making its way into other environments as well, such as YouTube or email.
Users are advised to always be wary of emails asking for their personal information or containing links, regardless of whether they appear to originate from a trusted source or not.
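A mail filter can flag the layout described above, an HTML body with no real text whose only content is a clickable image pointing away from the claimed sender's domain. The following is an added example, not code from Sophos or from the original article; the sample message, its domains, the function names and the `max_text` threshold are all assumptions.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample (hypothetical domains); max_text below is an assumed threshold.
SAMPLE = (
    "From: Twitter <support@twitter.example>\nSubject: Account Suspension\n"
    'MIME-Version: 1.0\nContent-Type: text/html; charset="utf-8"\n\n'
    '<html><body><a href="http://surveys.example.net/offer">'
    '<img src="http://img.example.net/notice.png"></a></body></html>\n'
)

class BodyScan(HTMLParser):
    """Count visible text and record links that wrap an image."""
    def __init__(self):
        super().__init__()
        self.text_chars = self.images = 0
        self.open_links, self.image_links = [], []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.open_links.append(dict(attrs).get("href") or "")
        elif tag == "img":
            self.images += 1
            if self.open_links:  # the image is clickable
                self.image_links.append(self.open_links[-1])

    def handle_endtag(self, tag):
        if tag == "a" and self.open_links:
            self.open_links.pop()

    def handle_data(self, data):
        self.text_chars += len(data.strip())

def image_only_findings(raw, max_text=20):
    msg = message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("html",))
    if part is None:
        return []
    scan = BodyScan()
    scan.feed(part.get_content())
    findings = ["image-only body"] if scan.images and scan.text_chars <= max_text else []
    domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    for href in scan.image_links:
        host = (urlparse(href).hostname or "").lower()
        if host and host != domain and not host.endswith("." + domain):
            findings.append("image links off-domain: " + host)
    return findings
```

Either finding alone is weak evidence, since legitimate newsletters also use linked images; the combination with a sender domain that does not match the link target is the more useful signal.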