Becks loves me

By Candid Wueest

David Beckham loves me! Well, love might be too strong a word as we’ve never actually met in real life, but I can confirm he at least is showing interest - he subscribed to my Twitter account this morning. At first I wasn’t sure if it really was David, but the photo sure looked like him.

Becks following me on Twitter, who would have thought? To my surprise it looks like he’s swapped the bright lights of LA and Milan for China. Guess he’s hoping that country’s noted faith healers can get him fit in time for the World Cup.

Sadly for England and myself, after a little reflection I realised my new follower is not Beckham and I’d fallen victim of the growing practice of “hijacking” Twitter for spam. Becks is actually a Chinese online retailer using Twitter to push its sales (see screenshot below).

The credibility of the fake account is bolstered by other fraudulent accounts linking back to it and by cross following legitimate Twitter accounts, which probably have been hacked earlier.

In this particular case, the false David followed over a thousand accounts with a single common link – the account name contains the word “candid”, which is my given name. This malicious activity is fast becoming common practice nowadays. Attackers are creating Twitter accounts as a vehicle for spam advertising and, sometimes, they even include short links pointing to infected websites.

Unfortunately, the spammers often succeed as many people allow their curiosity to get the better of them and click on nearly every link they see without thinking about the consequences. At Symantec, we’ve even come across Twitter accounts with positive reputations for sale on the underground market. This proves that spammers are keeping abreast of new technologies as they send direct spam messages as personal tweets or simulate random people following users.

Remember, always be sceptical if someone you don’t know starts following you or sends you strange direct messages. Also always check the account carefully. It is not always easy to determine if you are reading the official Twitter account of someone or that of a clever impostor.

By the way, if you know David personally, please tell him I would be honoured if he follows my tweets for real.