Symantec Warns of Twitter Spoofing Email Worm

Antivirus vendor Symantec is warning about an email worm (W32.Ackantta.B@mm) that masquerades as a Twitter invitation. The email carries a zip attachment (Invitation Card.zip) which, if opened, infects the computer with a copy of the worm, harvests email addresses, and then sends the same bogus email to the email addresses it collected. Fortunately, most ISPs and companies have forced malware scanning at the email gateway so this Twitter spoofing email worm is unlikely to get through. Plus, email worms carry attachments so they are really easy to identify and block.

A bigger concern for email users are the current runs of malicious email claiming to be Microsoft security updates, Outlook updates, or package information from UPS. Those don't carry suspicion-causing attachments - just malicious links. The messaging is easily believable to inexperienced users, so the likelihood of click-thru and infection is pretty high. Fortunately, all the runs I've seen so far have contained malware links that are already dead. Seems like the good guys got a head start for a change.