There’s been a rash of spam zinging around on Twitter, all of which is directing users to
SmartEcard.com
You can see more about that here, on the Sophos blog. The spammer tactics seem to be changing a little bit, perhaps so they can avoid detection for a little while longer. We’re starting to see profiles that don’t send out spam links via messages, but instead place the spam URLs in the profile description instead.
Here’s a sample, you’ll probably spot the rather odd pattern in the URLs follow:
twishmake.com
twiles.com
twantastic.com
Um, yeah. A little bizarre, I’m sure you’ll agree. All of the above domains look identical to the SmartECard domain, there’s probably more out there too:
Click to Enlarge
As with warnings of the original domain, if you’ve entered any login details at the above sites, go and change them immediately just to be on the safe side. Interestingly, all the profiles I’ve seen related to this scam are blank placeholders with no photo or information added to the fake profiles. However, there IS one where they’ve made a basic attempt to look like a real person:
Click to Enlarge
Don’t be fooled - the above profile is as fake as the rest of them. While you’re probably sick to death of being told to watch what you click on Twitter right now, it’s about the best advice anyone can give.
Original post by Christopher Boyd and software by Elliott Back