Although Commtouch is not that well known, even in the IT security field, its technology powers the ITsec platforms of several major vendors, notably BullGuard and Conduit. The firm says its technology powers ITsec applications that are used by more than 230 million users.
According to Turiel, over the last week or so, Tumblr accounts have been used by scammers to redirect users to their work-from-home sites.
The redirection, he asserts, is based on functionality provided by Tumblr and scam starts with an email promising great riches.
"I was at home and started skimming on MSNBC's county self-employed section on Wednesday and then was infatuated with this interesting online based opportunity where college students continue to earn up to $3700 a /wk+ & I didn't understand all of it at the beginning but we just had to try it and thankfully I did since I've earned myself $426.68 my very 2nd day trying. It's completely simple. I've already been paid straight into my bank account - it's probably the best thing that's happened to us this year", says the email.
Turiel says that a brief search on the Internet shows that the email s clearly a scam, and that many people have lost money purchasing the `kits' as a result of the messages.
After creating a Tumblr account, the Commtouch director says that the scammers then exploit one of Tumblr's useful features whereby users can create a Tumblr link that automatically redirects to another site.
"The idea is that you can use you Tumblr page as the basis for you entire online presence", he says in his latest security posting.
The advantage of using Tumblr as a scam launchpad, he adds, is that URL filtering/web security products will usually categorise URLs from the Tumblr domain as blogs.
Because of this, he explains, they will not usually block access, as redirection is built into the site.
There are, he says, no HTML scripts required - and the service is free.
The destination page, he adds, is a `newspaper' where every link leads to the scam purchase page. The page is then customised based on the user's IP address.