Security researchers from WebSense, have conducted an experiment, proving that Twitter is still a heaven for spammers looking to harvest freshly shared email addresses.
More details on the experiment:
We conducted research on how data that might be considered private is exposed via Twitter. The research focused on shared data, in particular email addresses, that can potentially be used against the one (or the organization) that shared it. During the research we monitored Twitter over a 24 hour period and found that users were publicly sharing email addresses connected with their inboxes, social media identities, and bank accounts. This leaves them open to advanced ‘social spear phishing’ attacks and spam campaigns.
Our research found that thousands of Email addresses are publicly shared daily via Twitter. More than 11,000 email addresses were shared worldwide.
This isn’t the first time that a vendor is aiming to raise awareness on the fact, users sharing their emails publicly, can become targets of successfully crafted spear phishing campaigns.
I little experiment I conducted back in 2009, also provided similar results. Basically, what I did was to measure the trending of words such as “email me at”; or “contact me at”. The results? Thousands of freshly shared emails ready to be harvested by spammers in real-time.
Twitter email harvesters have been in the wild for years, it’s time for Twitter’s users to wake up and realize that the spammers are monitoring Twitter’s global feed, and are successfully harvesting their email addresses.
