14 DAY TRIAL // Security researchers warn that a new wave of spam emails pose as warnings from Twitter and contain links to rogue online pharmacy websites.
The rogue emails bear a subject of "You have 3 warning(s) from Twitter!" and have spoofed headers to appear as if they originate from a twitter-warning-[recipient]@postmaster.twitter.com address.
The contained message reads "Hello, Twitter-er! You have 3 warning(s) from Twitter! http://twitter.com/account/warning/[random_letters_and_digits]" and is allegedly signed by The Twitter Team.
It seems that spammers abused a real Twitter email template, which contains the Twitter logo and a footer, with a disclaimer and instructions not to answer back.
The link included in the email points to a rogue online pharmacy website called Canadian Health&Care Mall, which illegaly sells prescription drugs.
"If you buy drugs online from one of these websites you're not only putting your personal information at risk (remember these guys are prepared to spam and use dirty tricks to promote their sites, so they aren't likely to flinch about doing something naughty with your credit card details), but you're also potentially putting your health in jeopardy," Graham Cluley, senior technology consultant at Sophos, warns.
Rogue emails masquerading as official communications from Twitter or other popular service are relatively common and this technique seems to have been adopted for all types of spam.
We've seen it used to distribute attachments containing trojans, as well as direct users to websites, that push scareware, sell counterfeit goods or launch drive-by downloads.
Users are advised to exercise increase caution when dealing with emails that contain attachments or links, even when they appear to originate from legitimate sources.
People should always check where a link actually leads by hovering the mouse over it, before clicking on it. If it doesn't point to the domain it claims to, then the email is most likely a scam.