We’re not only seeing more bogus Twitter invitations, but better quality virus emails too.
The latest Twitter virus campaign to catch our eye realistically spoofs a typical Twitter invitation:
Subject: Your friend invited you to twitter!
From: invitations@twitter.com
While the average virus doesn’t bother to go beyond spoofing the “From” address, this once actually passes bogus data in the SMTP conversation and thus the delivery headers contain spoofed data as well:
[received]: ‘from [24.123.158.2] (helo=twitter.com)
(envelope-from <invitations@twitter.com>)
Since humans don’t typically review Internet headers, it’s almost certain that the extra effort inserting fake data here was made to fool spam filters, and it probably works quite often as well.
Rather than the usual long winded attempts to get recipients to infect their computers (usually with spelling and grammar issues) this virus’s message is refreshingly short and to the point:
Twitter is a service for friends, family, and co-workers to communicate and stay connected through the exchange of quick, frequent answers to one simple question:What are you doing?
To join or to see who invited you, check the attachment.
The simplicity of this message may very well make it more effective than most, and what’s more, the email actually looks very legitimate as well:
Twitter Virus - Click to Enlarge
Regardless, when all is said and done, no matter how well designed and executed the fact is these virus emails still contain two tell-tale file attachments. If the recipient launches either of the attachments, then they will end up infecting their own computer.
document.pdf .exe
Invitation Card.zip
Once infected, the user’s PC will then begin sending more copies of the virus to any and all email addresses found within the infected system, insuring that this campaign will continue to spread and grow.
- -
OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.
Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."
OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.
Related posts:
