A number of people have found my Twitter account and asked to "follow" me (that is, receive my micro-blog messages). I have it set up so that no-one can follow me unless I approve the request first, and since the account was set up specifically for work purposes, I normally only approve co-workers.
Most of the others, of course, are probably not people at all, but some sort of bot trying to direct me towards dubious web sites. This morning, though, I found a request to approve from one of our competitors (and later received another from someone who isn’t a competitor, but doesn’t work for ESET either).
I wouldn’t describe myself as the most sociable of individuals, and I’m pretty sure that even my friends and colleagues in the business aren’t interested in the minutiae of my daily life, but this industry is, to a large extent, founded on communication and cooperation between researchers, even those working for competitors. Furthermore, I just realized that I missed some useful dialogue about the BBC fiasco (I’ll come back to that a little later – well, I didn’t promise to shut up about it). And while I don’t think I can say much in 140 characters that I can’t say better here, I guess some regular readers might find more immediate communication useful occasionally.
So I’ve just created a public account, on a might-as-well-give-it-a-whirl basis. Within two minutes, I received my first spam. (Actually, it looks – I haven’t checked it out – like the sort of phishing expedition described here, but it’s using a TinyURL link by way of obfuscation.)
It appears to come from someone called MMxVdn who wants me to go and pick up a free iPhone. (What a lovely name. Is it Swedish? MMxVdn, that is, not iPhone.) Well, perhaps I will look at the site later, in which case I’ll let you know what I find, but I’m pretty sure it won’t be a free iPhone.
Since I don’t particularly want to attract even more spam by publishing it somewhere as public as this, I won’t tell you what the account name is, but if I tell you that I work for ESET and it’s to do with the blog, you probably won’t find it hard to track down. ;-)
David Harley BA CISSP FBCS CITP
Director of Malware Intelligence
Author David Harley, We Live Security