Twitter scam exploits Doctor Who actress’ name

March 22nd, 2012 by | 1 Comment

Image by eldh

Yesterday, the people behind the sci-fi show Doctor Who used Twitter to unveil a handful of announcements about their upcoming season. And like wildfire, every tweet they send out coursed through the Twitterverse and crossed over to other social networks like Facebooks, Tumblr and Pinterest. Quite naturally, this blitzkrieg-esque flood of attention to a specific topic not only caused them to trend worldwide, but they also attracted malicious activities to flock the social media giant. One in particular exploited the name of actress Jenna-Louis Coleman, the latest companion to the show’s protagonist.

“Unfortunately, there are frequently mischief-makers, scammers and cybercriminals waiting to exploit a popular search term or hashtag.” said Sophos senior technology consultant Graham Clueley in a post on the security solutions developer’s official blog.

These scams leverage on the popular terms and topics and often contain poisoned links that would direct unsuspecting victims to more malicious activities outside Twitter. They even employ the use of hashtags to ensure their visibility when searches on Twitter are conducted. These are called clickjacking exploits.

The example the blog post gave involved Jenna-Louis Coleman’s name used in tweets alongside hashtags that referred to sites that supposedly contained sex videos. But after clicking on the included links, users are directed to a Web site that contained nothing about the actress, the role she will be playing, or the TV show she is set to star in. Instead, it appears to be a portal for Asian hardcore pornographic videos.

Image from Sophos’ Naked Security Blog

It is unsurprising that the scam would be exploiting the actress’ name, given that Doctor Who is such a massively popular hit, and that the last time a new companion stepped into the show was two years ago. The fact that the exploit promises sex videos relating to her makes it even more tempting for the curious to click on.

Clueley examined the malicious Web site and found that each video was masking a secret Twitter follow button.

“The point is that you should always be cautious about the links which you click on.” Clueley added. “Of course, it’s Jenna-Louise Coleman today and will be someone else tomorrow. Twitter spammers are simply grabbing the latest trending topics and shoving them in their tweets in the hope that users will stumble across them and fall into their trap.”

Tags: , , ,


Contact us for Free Analysis