Spammers not hitting Twitter yet, after all

By Emily Chung, CBCNews.ca

Yesterday, I received a note in my inbox saying that the security firm Websense had "already detected tens of thousands of spam messages with #SwineFlu themed subjects via Twitter, mostly offering cheap pharma drugs."

The note, from a public relations firm representing the internet security firm Websense, seemed worth mentioning, so I wrote about it. It was the first I'd heard of spammers using Twitter, a social networking site that is growing quickly in popularity.

That was interesting because Twitter has a couple of qualities that might appeal to spammers. First of all, it's designed to be an online community where you can interact with both friends and strangers. Secondly, the 140-character limit for all messages or tweets encourages people to shorten links, making them unidentifiable. When you click on that URL, you need to have to trust the person who posted it. There is always the chance it could take you somewhere unexpected and possibly dangerous.

Today, the public relations firm staffer who sent yesterday's e-mail apologized – it turns out she had misunderstood. The swineflu spam was being sent out by the usual method: e-mail. And while there was a buzz about swineflu on Twitter that spammers had picked up on, Twitter wasn't where the spam was at.

I spoke to Stephan Chenette, manager of security research for Websense, who said that spammers have yet to take advantage of Twitter's possibilities.

"That's not happening, from what we see, just yet," he said.

And so far, their emails, with subject lines offering swineflu meds and antibiotics, do nothing except advertise drugs. However, Chenette said new categories of spam often evolve to incorporate phishing lures and links to malicious websites. Those can be used to steal personal information or distribute malicious code. In the meantime, he said, Websense is keeping an eye on the situation.