Header Ads

Symantec Security Response: Scammers take to Tumblr with the Tumblr diet

Spam message utilizing Tumblr's Ask feature

The growth in popularity of Tumblr, particularly with younger Internet users, has drawn the attention of spammers. Symantec Security Response has come across a spam campaign that is utilizing a feature on Tumblr similar to the type of commenting you might see on blogs or other social networks. More details after the jump.

Tumblr calls this feature “Ask,” where your followers can ask you questions on your Tumblr blog. The feature is disabled by default, but you can enable it in your account settings and even allow anonymous comments. Spammers are attempting to take advantage of this feature to peddle their wares.

“WOW, I just lost a bunch of weight using the OFFICIAL TUMBLR DIET!! Are u using it as well? Check it out at [REMOVED][d0t]com”

Fake health magazine site promoting diet pill

Clearly, there’s no such thing as an official Tumblr diet. Instead, the URL provided in the spam message leads to a website that mimics a popular health magazine, espousing the benefits of a new diet pill.

The page is full of information about a “miracle pill” along with testimonials and offers links to sites where the user can get some. If the user clicks through, they are brought to an order page. However, the site appears to have a limited supply. Stock is set to run out, coincidentally on the same day the user is visiting the page.

Although Symantec is uncertain if the site will actually send genuine or fake diet pills, or if it is another scam, we recommend not attempting to purchase goods through offers like these.

Tumblr has implemented an Ignore feature, where you can block the account, IP, and/or computer sending them. Overall, this spam should be treated just the same way as any other Ask or comment-related spam: do not answer such submissions, do not visit the URLs provided, and do not give any personal details to less-than reputable websites.

For more information, please proceed to the Symantec Security Response blog post or follow us at @SymantecASEAN.

Back to top

Top trending post

No comments:

Powered by Blogger.