A few days ago I received an email from Twitter announcing a new design layout for user profiles and inviting me to try it. I was busy so I put the email aside intending to check it out later. I ended up forgetting about it and it’s a good thing I did. The email wasn’t from Twitter.
It’s part of a new spam campaign that is brandjacking Twitter. They look quite legit but if you click on the link you’re taken to “Toronto Drug Store”, which is apparently the latest incarnation of the infamous “Canadian Pharmacy” scam ring. CP and its crooked affiliate operation were crushed when the Rustock and Mega-D botnets were taken down. Security experts say a group of the criminals involved in the affiliate program, Spamit/Glavmed, banded together to form a new organization. Like the original Canadian Pharmacy, the new version fulfills orders with fake medications made in India. So far the site is not conducting any malicious activity, only ripping off gullible and ill-informed consumers.
A few months ago, when Twitter was hit with a data breach, they downplayed it saying the affected accounts were all fake/spam accounts. I strongly suspect they were lying to cover themselves because the address I got this spam from is one I use for Twitter and Twitter only. Since the news of the breach broke I’ve noticed several spam messages in that account where before there were none, and that can only mean one thing. I think Twitter has some explaining to do.