Avoid the "March Twitter Lottery"...

Avoid the “March Twitter Lottery”…

Here’s a Twitter spam campaign which looks out for regional references in Tweets, then fires “you have won the Lottery” messages to lucky(?) recipients.

Lottery spam! Also oh dear

The above tweets say

This tweet is the winner of the March Twitter lottery from [username removed]. Claim your winnings at @_UK_Lottery_

Visiting the second spam profile (called UK Lottery Claim) reveals an account touting a large Twitter themed banner and a single Bio message:

Lottery Claim Profile

You have been confirmed by our systems as the March Twitter Lottery winner from your city. Proceed to the link below to claim your winnings. USE THIS LINK [bit.ly URL removed]

The Bit.ly URL has had 3,318 clicks since yesterday.

It leads to

claimyourgifthere(dot)pw

which eventually redirects the clicker to a “voucher & win” sign-up, asking for name, email, DOB, home address and phone number. There’s a “guaranteed prize draw” mentioned, so I guess the prize for winning the so-called Twitter Lottery is…another lottery?

Vouchers?

Both Twitter accounts have already been suspended. Giveaways are all well and good, but random spam sent your way rarely pays dividends. In fact, you could say it’s a bit of a gamble…

Christopher Boyd (Thanks to MrTom for sending over)

 

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.