... continued from the previous page.
Bottom Line: Twitter Traps disguised as "Photoshop"
By this point, I know I've been had. Did you keep count of how many pages and clicks we went through? We were unable to calculate how much revenue we generated for the various players in this game, but it's more than just a few. Are they all somehow related? No idea. But we do know that stalker links all along the way were sending referral pings to other various sites, and recording our actions. A quick Google Search on the actual file reveals that the actual file was only posted 12 hours ago -- about two hours before this tweeter began tweeting these tweets. (There is no guessing how many re-tweets it got, all from over-zealous Twitter tweeters.)
Now, for a real wake-up call, this Google search will illustrate how many people have replicated THAT file across the internet! So, here's Today's Search. Can you believe that??? From three to hundreds?
Ask a few questions
I continued searches for about an hour and failed to reveal any other mention of who "Ron" is, or where the file may have originated. However I did gather some interesting information about how a Twitter user can be lead down a trail that does nothing but produce someone else revenue.
The domains in the trail after Twitter are outside the U.S.
Download links are in Amsterdam, Netherlands, at three IP blocks known for spam and malware.
"Download Turk" is in Cyprus with forged Whois info.
Download domains use WhoisGuard "spam" domains, a known spam / malware trick to evade detection
The "Bit.ly" link in the tweet went to a site in Delhi, India.
All of the pages and links encountered in this exercise follow patterns documented as similar to those used by cybercrime, stalking and phishing entities. This tweeter, or who ever is behind this sad trail went to great measures to avoid detection or identification.
Who do you follow on Twitter?
Can we draw some connection between this sordid trail of abuse and the person who kept tweeting this again and again? I don't know. There's no clue as to who is, where he's at, or why he's tweeting so much about Photoshop. Maybe he's just an over-zealous fan.
He has 1,849 followers, and he follows 85
he has tweeted more than 7,096 tweets
He has tweeted 80 links in the past 12 hours. (one every 9 minutes)
One link was tweeted 19 times, and another 24 times in that period - which leads me to believe they are somehow connected to him, or a revenue source for him. Why else would you tweet so many times in so short of period of time? What did you do 80 times in the last 12 hours?
I checked a few of the other links in his feed, and they went along the same scenario, other than an occasional link to CreativePro, Smashing or some other valid address. Yet, NONE of the links went to the original author's site. ALL went to some site replicating the same links to other sites.
I've run out of time. But you get the picture. If this particular episode is truly innocent, then fine. But what worries me is all those 1,700 followers are re-tweeting the same links. This particular link does eventually get you the file. But only after some considerable time and effort -- while all the time, you don't have a clue whether or not the file is any good, or if it's just malware to plant a worm or zombie on your computer.
I would provide the file here for you and save you the trouble, however: the file "Ron_artistic_edges.rar" contains a .exe file that won't load on the Mac. So if I cannot proof it, then I'm not going to provide it for download. For all I know it's carrying a worm -- this scenario is characteristic of Botnet worm purveyors. The folder also contains a link and an ad for templates4share dot com located in Saarbrcken, Deutschland (188.8.131.52) where every single download follows the above twists and turns to renegade download sites. Some end up on Pharma-spam pages rather than online gambling. So I'm immediately suspicious of connections between this file provider and cybercrime.
Ladies and gentlemen, please do us all a favor:
DO NOT TWEET unless you KNOW what you are tweeting, and
DO NOT CLICK on images, links or perceived downloads until you
LOOK at the status bar and understand where the link will take you.
In the course of writing this article we encountered more than a dozen other heavy tweeters in the Photoshop genre which follow the SAME pattern.
Like always say: it's a jungle out there!
Thanks for reading
Don't forget ... we encourage you to share your discoveries about favorite or famous graphic designers and illustrators with other readers. Just comment below, join the forums for discussion, or give me a tweet at Twitter/DTG_Magazine
Here are just a few of the evil goings-on behind the scene of tweeting, and, just a few more things to watch out for in the online jungle:
Warning: Evil Tweets
Evil Twitter Marketing Techniques
Classic (And Evil) Twitter Spam
How to increase Twitter Followers... the evil way!
State of Twitter Spam
Here Comes Twitter Spam And How To Fight It (techcrunch.com)
Twitter Spam: 3 Ways Scammers are Filling Twitter With Junk
Get Paid To Tweet? (Twitter)
Can You Get Paid to Tweet?