Experts have caught on to a pharma spam
campaign that leverages Twitter's link shortening service to send users to pages touting bootleg drugs made in India. In a blog post
by Andrew Conway, research analyst at Cloudmark, details a recent spike in malicious URL activity using the t.co service.
Using a sample of 1,200 t.co links between July 22 and July 29 reported to the Cloudmark Global Threat Network as spam, Conway discovered that a majority of the URLs redirected users two pharma landing pages. Additionally, the advertising techniques used for both were nearly identical, leading Conway to believe it was the work of a single spammer.
Of the shortened URLs blacklisted by Cloudmark during this timeframe, a majority, 59 percent, belong to Twitter, and this spammer seems to be responsible for the bulk of those.