Over the past couple of months, we have observed variants of fake Twitter notifications that link to Canadian Pharmacy websites. The criminals behind these spam campaigns have made their social engineering versatile enough to cover a wide range of interests, one of which is the upcoming FIFA World Cup 2010. As most of you know, FIFA World Cup 2010 kicks off today, and the event is another opportunity for cybercriminals to exploit.
Below is a sample of spam messages claiming to be from Twitter, notifying users that the email address associated with their Twitter account has changed. The message then includes a confusing phrase, "New Service for staff picks for World Cup Twitter", with an accompanying link.
The link appears to point to a hacked web server hosting the cybercriminals' HTML file. Inspecting one of the HTML files, we noticed that it contains a META refresh tag pointing to islandspeak.com, which in turn redirects to a Canadian Pharmacy website.
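As an added example (not code from the original post), here is a small Python check that extracts META refresh targets from a fetched page and flags instant redirects to a different host. The hosting URL and markup are constructed samples; only the islandspeak.com target comes from the text above.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# content="<delay>[;|,] [url=]<target>", target optionally quoted
REFRESH_RE = re.compile(
    r"""^\s*(\d+(?:\.\d*)?)\s*(?:[;,]\s*(?:url\s*=\s*)?(['"]?)(.*?)\2)?\s*$""",
    re.I | re.S)

class RefreshFinder(HTMLParser):
    """Collects (delay, raw_target) from <meta http-equiv="refresh"> tags."""
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag != "meta" or (a.get("http-equiv") or "").strip().lower() != "refresh":
            return
        m = REFRESH_RE.match(a.get("content") or "")
        if m and m.group(3):          # no target means a plain self-reload
            self.hits.append((float(m.group(1)), m.group(3).strip()))

def find_refresh_redirects(html, page_url):
    """Return one finding per META refresh that navigates somewhere."""
    finder = RefreshFinder()
    finder.feed(html)
    page_host = (urlsplit(page_url).hostname or "").lower()
    findings = []
    for delay, raw in finder.hits:
        target = urljoin(page_url, raw)   # resolve relative targets
        host = (urlsplit(target).hostname or "").lower()
        off_site = host != page_host
        findings.append({"target": target, "host": host, "delay": delay,
                         "off_site": off_site,
                         # instant hop to another host: the pattern described above
                         "suspicious": off_site and delay <= 1})
    return findings

# Constructed sample: hosting URL and markup are made up for illustration;
# islandspeak.com is the redirect target named in the post.
SAMPLE_URL = "http://compromised.example/images/wc2010.html"
SAMPLE_HTML = """<html><head>
<META HTTP-EQUIV="Refresh" CONTENT="0; URL=http://islandspeak.com/">
</head><body></body></html>"""

if __name__ == "__main__":
    for f in find_refresh_redirects(SAMPLE_HTML, SAMPLE_URL):
        print(f)
```

A mail gateway or URL-scanning pipeline can run this over the body fetched for each link in a message and treat a `suspicious` finding as a signal to follow and score the redirect target.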
These Twitter spam campaigns do not only target the World Cup; they also come in different "flavours", such as messages relating to fashion, technology, and sensational news items.
With the ongoing FIFA World Cup 2010, a wave of scams and spam relating to this event is inevitable. There is no patch for social engineering, and the best way to protect yourself is caution.