One of the biggest security problems facing Twitter as it relates to the spread of spam and malware are the many link-shortening services utilized for hyperlink posting. Users are limited to 140 characters per tweet; these URL-shortening services allow tweeters to post a longer link under such tight character limitations. Hackers use these link-shortening services to disguise malicious links. Some infections could be easily prevented by allowing users to see the real URL before clicking on it.
"Another big problem is the fact that search engines - especially Google - index Twitter profiles. This allows malicious pages that are built and marketed with good social engineering tactics to end up high in the rankings," said Catalin Cosoi, BitDefender senior antispam researcher. "Additionally, because Twitter messages are so short lived, users could unknowingly send spam messages without having the opportunity to notice that someone else is using their account."
Some of the common types of Twitter spam include:
1. Tweet spam: Tweet spam comes from someone a user is currently following and everyone following that user will see the tweet.
2. Direct Message: A direct message comes from someone a user is currently following and only the user will see the message.
3. ReTweet Spam: ReTweet spam searches for legitimate tweets and reposts them in the system but with a different, malicious URL.
4. Trending Subjects Spam: Trending subjects spam searches for hot topics on twitter (like Michael Jackson's death) and posts similar tweets with different, malicious URLs.
5. Following Spam: Following spam happens when a user's profile receives a lot of followers he/she doesn't know. If the user does not start following them back within a week, they stop following the user. Statistics show that one in two users will follow back. Usually these profiles are bots which are programmed to acquire as many followers as possible before they can start broadcasting spam.
Fortunately, Twitter users can protect themselves from falling into spam traps by following five tips:
1. Install a comprehensive security solution on your computer - preferably a suite containing antivirus, firewall and a phishing filter.
2. Follow the spam profile on Twitter: http://twitter.com/spam. Users can find good advice here. For example, a recent post states: "If you gave your login and password info to TwitViewer, we strongly suggest you change your password now. Thanks!"
3. Don't click on all the links you receive.
4. Disable the "auto followback" option. This will allow you to pick and chose who you want to follow.
5. Make sure you know who you are following.
"By following these simple tips, users of social networking sites like Twitter can protect themselves from spammers and other cyber criminals," added Cosoi.
For more information on how to protect yourself from Twitter and other social networking sites, please download our "BitDefender Offers Twitter Spam Protection Tips" podcast or visit the BitDefender website at www.bitdefender.com.
About BitDefender' BitDefender is the creator of one of the industry's fastest and most effective lines of internationally certified security software. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention, emerging as the industry's anti-malware innovator. Every day, BitDefender protects tens of millions of home and corporate users across the globe — giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information about BitDefender and its products are available at the company's security solutions press room. Additionally, BitDefender's www.malwarecity.com provides background and the latest updates on security threats helping users stay informed in the everyday battle against malware.