'Work from home' spam scam floods Twitter
Be Your Own
Cybercrooks are using compromised Twitter accounts to spamvertise work-at-home scams.
The bogus messages appear as both direct messages and regular Twitter updates that attempt to induce users into visiting fraudulent websites punting supposed opportunities to make thousands for little or no effort. The dodgy messages link to supposed news articles on the opportunity.
Cleverly these articles would appear to come from (often made-up) news outlets near a prospective mark's geographical location. But the scam isn't perfect in its geographical optimisation. For example, recipients in the UK are offered the chance to earn dollars rather than pounds.
Net security firm Sophos, which carries a detailed warning of the scam here, reckons the Twitter accounts used to power the ruse were probably compromised via a recent run of phishing scams targeting users of the micro-blogging platform.
The messages spread via the scam are more plausible because they will arrive from an online friend or acquaintance of prospective marks.
The "make money fast" websites promoted via the scam are mostly targeting single mothers and teenagers. It is probable that victims are tricked into handing over money for sales packs or training materials with little hope of recovering their initial investment. Much the same tactic is sometimes used to recruit phishing mules, though it's unclear if that's whats happening in this case. ®
Sponsored: Global DDoS threat landscape report