IT security and data protection firm Sophos is warning that thousands of Twitter users are seeing unexpected messages from hacked online friends promoting a weight loss supplement. The message links to what pretends to be a news website, but it is really designed to promote an Acai Berry "miracle diet", marketed as "Power Slim", which claims to help subscribers "get the beach body you've always wanted".
Typical messages being circulated on Twitter contain the following text:
"Get the beach body you've always wanted, now you can with this weight loss supplement [LINK]"
The fake news site, News 3, claims that the Acai Berry weight loss fad has been featured in Women's Health, Elle, Marie Claire, Oprah, Cosmopolitan and many other magazines.
"If this diet aid is really such a miraculous product and it's getting this much media attention, it seems odd that it has to be promoted through spam via compromised Twitter accounts", said Graham Cluley, senior technology consultant at Sophos. "It's currently unclear how the Twitter accounts have been hacked, but it is possible that users' passwords have been compromised. Affected users should change their passwords immediately."
"Too many people use the same password for every website they access. If users' accounts have been compromised, they must make sure they change their password to something which is not a dictionary word, and something that is difficult to guess", continued Cluley. "Furthermore, change any other online accounts where the same password is being used. Having the same password for multiple websites increases the chances of being hacked - if you don't learn that lesson now you're going to end up in trouble sooner or later."