Someone, something going by the handle @mahanarfmhul3 (a.k.a Mahana Cox) sent me the following message on Twitter:
As of this writing, @mahanarfmhul3 began emitting tweets about two hours ago with a frequency of 1 tweet every 3~5 minutes. The account totals 26 tweets. 19 of them are of the same kind I received:
While the remaining 7 look harmless ; most probably to thwart Twitter’s algorithms for detecting SPAM and phishing attempts. 5 of these “innocuous” tweets are written in English while 2 are in Spanish:
I highlighted a tweet apparently addressed to someone called AdamWeitner. Except that Adam Weitner is not following “Mahana Cox”. And the tweet is not addressed properly to him since the @ sign is not used as a prefix.
Now let’s look into the phony link I received: tinyurl(dot)com/6v5g4wz. Since it’s a TinyURL shortened link, we can preview it by prefixing the URL with preview:
Now that we have the URL behind the shortened link, we can dig a bit further. whois tells us that the domain is very fresh as it was created on Dec 4, 2011 through GoDaddy.
McAfee’s Threat Intelligence and MalwareDomainList do not have identification data (yet) for this URL.
However, Wepawet finds some interesting results:
ipadzu(dot)net seems to be yet another site hosting one of those numerous Free iPad2 scams that are running rampant on Twitter. WOT gives it a poor reputation:
This shows once more why it is unsafe to click on URLs, shortened or otherwise, before doing some basic checks.
During the course of this investigation, no animal was harmed. However, it seems that LongURL have some funny results to say the least:
Sorry Mehana, I am not interested in your free iPad 2 and I’ve flagged you as a spammer with Twitter.
(view comments)
-
physicaleo4 liked this
-
february29lo liked this
-
guest008 liked this
-
myblogself posted this
