Sherlock Holmes Wanted on Twitter?

“From a drop of water a logician could infer the possibility of an Atlantic or a Niagara without having seen or heard of one or the other.” As fascinating as holmesian inductive methods may be, fortunately for us, the logic skills required to avoid Twitter scams are, most of the time, less refined than those outlined in this quote from A Study in Scarlet.

In fact, the deal’s pretty simple. Let’s say you get a direct message about a fresh new anti-spam feature your Twitter account might benefit from.

Who’s to say it’s not real? The minimum precaution of looking for more info about this new Twitter feature on the net (or even better, on the Twitter official page) would clear the matter immediately. Well, let’s just say you don’t have the time to do it or that (better) anti-spam protection on Twitter is what you’ve been waiting for …like….forever. No double-checking then!

We’ll go ahead and assume that you do know something about the message sender’s identity. Never met his/her mother. OMG! Got so many followers you’ve lost track of who’s who? Fair enough.  

At this point, unless your slightly paranoid evil twin lightly taps your shoulder saying: “what’s the deal with that smile at the end?”, you’ll probably go ahead and click the link. It’s one message among countless others, after all….

Or not. If you take a look at the other direct message from the same sender, you’ll probably notice that it’s got a scammy ring to it. A ring that’ll turn into a roar if you’re a Facebook user as well.

Not so long ago, we warned you about the microblogging platform and the social network’s shared scam guilty pleasure. Back then, the migrating scams were the infamous “see who viewed your profile”, followed closely by the devilish “how long have you spent on [platform of choice]”.

This time, the trick stepping out of its comfort zone is the one playing on users’ curiosity about allegedly funny/scandalous videos/photos of them published on the net. Don’t you think “haha what were you thinking in this picture?” bears a striking resemblance to “OMG, [name] what are you doing in this picture/video”, one of the oldest and most prolific Facebook scam baits? (a recently discovered wave of the “is this you?” family described in detail here).

So, what’s the simple lesson that we’ve learnt today? The clue is right there, in your account. Just read it!

Stay safe and click wisely!

This article is based on the technical information provided courtesy of Tudor Florescu, BitDefender Online Threats Analyst.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.