Twitter users are receiving direct messages (DMs) saying, “hey! check out this funny blog about you…” along with a link to blogspot.com. This is simply a ploy to get information, in this case your Twitter user name and password. There is no funny blog about you.
Twitter users who receive the messages, either on their Twitter page or on their mobile device, are directed to click on the bogus link, and when they do, they see a screen that looks like the Twitter login page but is actually a fake (see screen shot below, courtesy of The Twitter Blog). The phishing site URL is twitter.access-logins.com. Note that the registered domain is access-logins.com, not twitter.com; “twitter” is only a subdomain the phishers chose to make the address look legitimate.
Once the user name and password are entered, the phishing program is able to log in to the user’s account and send the same phony message to everyone on the victim’s friend list. In this way, the scheme is very similar to the Facebook wall post phishing scam that went around over Christmas. In that version, users were told their photos had been posted to sites with names including floatclick.com, bakespoil.com, and wagfloat.com.
Twitter users have been vocal in sharing information and warning others about the attack. Check out #phishing to read and join the latest discussion.
The same advice given for the Facebook scheme applies here:
Never click on an unknown link, even if it was sent by a friend.
Specifically, if you want to visit Twitter, do not click on a link to the site. Open a new window or tab in your browser and type in the URL yourself.
Always double check the URL at the top of the page you are browsing and make sure it is the real domain (for example, ebay.com and not your-ebay-account.com). What matters is the part of the host name immediately before .com, not whether a familiar name appears somewhere in the address.
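The domain check described above can be automated. The following Python is an added example written for this page, not code from Twitter or from the original post; the allowlist of trusted sites and the `evil.com` address used in the usage comment are constructed for illustration. It pulls the host name out of a pasted URL and compares the registered domain (the two labels before the top-level domain) against the sites the user actually means to visit, so that twitter.access-logins.com and your-ebay-account.com are rejected while www.ebay.com passes.

```python
from urllib.parse import urlsplit

# Constructed allowlist: the sites this post is about. In practice this is
# whatever the user knows they are trying to reach.
TRUSTED_DOMAINS = {"twitter.com", "facebook.com", "ebay.com"}


def host_of(url: str) -> str:
    """Return the lowercase host name of a URL.

    A scheme is added if the user pasted a bare host such as
    'your-ebay-account.com/login', otherwise urlsplit would treat the
    whole string as a path and return no host at all.
    """
    if "://" not in url:
        url = "http://" + url
    host = urlsplit(url).hostname or ""
    return host.lower().rstrip(".")


def registrable_domain(host: str) -> str:
    """Return the last two labels of the host, e.g. 'access-logins.com'.

    Deliberate simplification: correct for .com/.net/.org, but wrong for
    two-level suffixes such as co.uk, where a public suffix list is needed.
    """
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def is_trusted(url: str) -> bool:
    """True only if the domain that will actually answer is on the allowlist."""
    return registrable_domain(host_of(url)) in TRUSTED_DOMAINS


def explain(url: str) -> str:
    """Human-readable verdict, naming the domain that really serves the page."""
    host = host_of(url)
    domain = registrable_domain(host)
    if domain in TRUSTED_DOMAINS:
        return f"{host}: belongs to {domain}"
    return f"{host}: NOT a trusted site (the domain that actually answers is {domain})"


if __name__ == "__main__":
    for u in (
        "https://twitter.com/login",
        "http://twitter.access-logins.com/",      # the phishing host from this post
        "your-ebay-account.com",
        "http://twitter.com@evil.com/",           # constructed: user-info trick
    ):
        print(explain(u))
```

The `twitter.com@evil.com` case is worth noting: everything before the `@` is treated by browsers as a user name, not the host, so a URL can display a familiar name and still land on an entirely different server. `urlsplit().hostname` strips that part, which is why the check must be done on the parsed host name rather than by searching the raw string for "twitter.com".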
AOL Stalker - In 2006 AOL accidentally released private search data from its users, setting off a wave of controversy around how search companies such as AOL, Yahoo, Microsoft, and Google store and use data. Today Microsoft keeps personally identifiable information (a user’s IP address) for 18 months. Yahoo destroys this information after 90 days and Google keeps an IP address for nine months. After that time some companies delete the whole address while others delete only the final portion of it. Even this is a point of controversy, since the part of the address that is kept can still tell a lot about a user’s location, much like the area code at the start of a phone number.
AOL Stalker is a private website that was set up in 2006, when the AOL search data was leaked. That data did not come attached with names, but each user was identified by a number, and those numbers are listed. The site allowed visitors to type in either a user number or a search term and see the results, which were at times funny, strange, or tragic: searches that describe pregnancies that may or may not have resulted in birth, cancer scares, and bizarre searches about murders and crime scenes.
Today users can see the 2006 results or up-to-the-minute results that show IP addresses with the final digits removed.
Cracked.com - Cracked.com is one of those wonderful websites that serves absolutely no useful purpose but will keep you occupied for hours. Where else can you find articles with titles like “9 Awesome Places to Have Sex (And the Horrific Consequences)”?
419eater.com - Unless you have managed to avoid getting an email account, you have likely received a message at one time that promised a large inheritance, said you won the lottery, or offered money for cashing checks. Perhaps you received a strange email that looked something like this:
I am Mrs. Rose Nkama. I was married to late Mr.Nkama,The CEO Veekrol Link Ltd London United Kingdom, a seasoned contractor in England.Before he died in the year 2006. We were married for eleven years without a child. He died after a brief illness. When my husband was alive,he deposited EUR 4.3 EURO with a security company…
Most of these scams fall under the broad umbrella known as advance-fee fraud or “419 scams,” so named because 419 is the section covering fraud in the Nigerian criminal code and many of these scams once originated in Nigeria. Today they originate all over the world, including Russia, Vietnam, the UK, and the United States, and some of the earliest advance-fee fraud scams started in Spain and were known as Spanish Prisoner scams.
419Eater is a site devoted to turning the tables on the scam artists. Site members answer these emails and “bait” the scammers by pretending to be victims, often adopting funny character names such as “Luke Skywalker” or “Captain Morgan,” with surprisingly funny results. It’s easy to lose hours of time reading this correspondence, browsing scam artist photos and watching videos.
“Are you aware that your profile pix are all over bakespoil-com-you gotta see it?” Messages like this one, telling people that their pictures have been posted to unknown sites, are spreading across Facebook. In most cases, users will see these messages as “posts” from trusted friends on their Facebook profile pages. Accustomed to trusting their friends and worried about having their photos posted on strange websites, people copy and paste the website address into their browsers, which is when the trouble begins.
This is the latest address-book scam to hit Facebook and it works like a classic phishing scheme. Users receive a message from a trusted friend:
“Did you upload your images at floatclick-com-have you seen it.”
Trusting their friend, the user copies the address into their browser (the addresses in the Facebook “wall post” are not clickable links themselves).
Once the user enters the address, they are brought to a site that brings up pop-up ads and asks for information, including the user’s email and their friends’ emails, under the guise of needing this information to show the user their pictures.
This is where the phishing begins. Through any of a number of techniques, the user is “tricked” into providing the site with enough information that it can access the user’s Facebook account and friend list.
Once this happens, the user’s account is used to send these same messages to all of their friends, and the cycle begins again.
Here is a screen shot from a friend’s Facebook account which was hit by this scheme. Over the course of 24 hours, his account sent hundreds of messages to his friends about phony photos. The screen shot below shows a five minute period:
The domains mentioned in the messages are registered to “Victoria David,” which may be a fake name, and appear to have been registered within the last week.
Most phishing schemes are technically simple and rely on trickery to get information such as user names, email addresses and passwords. They are surprisingly effective, sometimes more so than advanced hacks and viruses, because they target the person rather than the software. For example, although most of the contacts on my friend’s Facebook list are very technically savvy people with the latest anti-virus software, several willingly went to the phishing sites and gave up their personal information despite the fact that, 1. the posts were grammatically incorrect and our friend is a writer, and 2. they had never posted their photos to any of the listed websites. They visited the sites simply because it didn’t enter their minds that a friend would send them to a scam site, and of course he didn’t, but the phishing scheme that hijacked his Facebook account did.
The same common sense approach that one uses in email, never click on or visit an unknown link, even from a friend, applies here. Most people on my friend’s list did the right thing, which was either to ask him if the message was really from him or, knowing that it couldn’t be, simply to delete it so that no one else seeing their Facebook wall would read it and get taken in.
Update Dec 29 - Here are some of the names of sites being used in this scheme: hiderush.com, bakespoil.com, floatclick.com, wagfloat.com, climbfloat.com, swimstroll.com, boastsing.com, spoilsail.com, mixclang.com, blinksnap.com, poachbang.com, cutboast.com, stuffrattle.com, wrestlegrowl.com, screechclimb.com, laughrattle.com, blendgrowl.com, stuffcrush.com
Often these addresses are written in a non-clickable form (e.g. hiderush - com, floatclick - com, bakespoil - com, wagfloat-com), so the reader has to copy the address into the browser by hand.
Some examples of posts are:
“I heard your profile pictures are on boastsing-com-take a look”
“since when have your pics been up on spoilsail-com-check it out.”
“your pics are on mixclang-com-check it out.”
“Has anyone told you there’s a website showing your pictures its laughrattle-com-check it out”
“did your see that cool site with your pictures on it wrestlegrowl-com-you gotta see it.”
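Because the scam posts spell their addresses as “name-com” or “name - com” rather than as real links, a plain URL filter never sees them. The following Python is an added example, not code from Facebook or from the original post: it pulls those defanged addresses out of wall-post text, normalizes them to “name.com”, and flags a post when one of them is on the list of scam domains from the Dec 29 update. Posts that mention an unlisted domain together with the “your pics/pictures/photos” lure are marked suspicious rather than blocked, since a friend sharing real photos on a legitimate site would trip the same pattern. The regular expressions, the `newlure.com` address and the benign sample post are constructed for this example.

```python
import re

# Scam domains listed in the Dec 29 update to this post.
SCAM_DOMAINS = {
    "hiderush.com", "bakespoil.com", "floatclick.com", "wagfloat.com",
    "climbfloat.com", "swimstroll.com", "boastsing.com", "spoilsail.com",
    "mixclang.com", "blinksnap.com", "poachbang.com", "cutboast.com",
    "stuffrattle.com", "wrestlegrowl.com", "screechclimb.com",
    "laughrattle.com", "blendgrowl.com", "stuffcrush.com",
}

# Constructed heuristic: matches "name.com", "name-com" and "name - com",
# the obfuscated spellings the posts use. Only the name and suffix are
# captured; the trailing "-check it out" is ignored by the \b boundary.
DEFANGED_DOMAIN = re.compile(r"\b([a-z0-9]{3,})\s*[-.]\s*(com|net|org)\b", re.I)

# The lure every variant of the scam post shares.
PHOTO_LURE = re.compile(r"\b(pics?|pix|pictures?|photos?|images?)\b", re.I)


def extract_domains(text):
    """Return the sorted, de-duplicated domains written in the post."""
    return sorted({f"{name.lower()}.{tld.lower()}"
                   for name, tld in DEFANGED_DOMAIN.findall(text)})


def classify(text):
    """Return (verdict, domains): 'block', 'suspicious' or 'ok'."""
    domains = extract_domains(text)
    known = [d for d in domains if d in SCAM_DOMAINS]
    if known:
        return ("block", known)
    if domains and PHOTO_LURE.search(text):
        return ("suspicious", domains)
    return ("ok", domains)


# Sample posts: the first five are quoted from this article, the rest are
# constructed to show the heuristic's limits.
SAMPLE_POSTS = [
    "I heard your profile pictures are on boastsing-com-take a look",
    "since when have your pics been up on spoilsail-com-check it out.",
    "Has anyone told you there's a website showing your pictures its laughrattle-com-check it out",
    "did your see that cool site with your pictures on it wrestlegrowl-com-you gotta see it.",
    "Often times these links are shown as nonclickable (eg hiderush - com, floatclick - com)",
    "your pics are on newlure-com-check it out",            # unlisted domain, same lure
    "Uploaded the party photos to flickr.com last night",    # benign, but trips the lure
    "Happy new year everyone, see you at the game on Saturday!",
]


def scan(posts=SAMPLE_POSTS):
    """Classify every post; returns a list of (verdict, domains, text)."""
    return [(*classify(p), p) for p in posts]


if __name__ == "__main__":
    for verdict, domains, text in scan():
        print(f"{verdict:<10} {', '.join(domains) or '-':<32} {text[:50]}")
```

The split between “block” and “suspicious” is the important design choice: an exact match against a known scam list is cheap and safe to act on automatically, while the lure-plus-unknown-domain rule is only a hint that should go to a human or to a reputation lookup, because the flickr.com post in the sample is exactly what a real friend sharing real photos looks like.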
December 17th, 2008 / by Catherine Helzerman
Created by Ummah Films founder, Baba Ali, halfourdeen.com will be a Muslim matchmaking site designed for those whose goal is marriage. On an entertaining video (if you don’t watch Ali’s videos, you’re missing some quality film making) introducing the site, Ali explains that existing matchmaking sites ask questions that are irrelevant and won’t necessarily lead to a good match. His examples of good and bad questions are pretty funny and, since he does a better job of explaining than I could, I’m embedding his video below.
Those interested in being informed when halfourdeen.com comes online can sign up for notification on the website.
December 1st, 2008 / by Elizabeth Livengood
This craft is not just for grandma anymore. Thanks to DIY sites and magazines like Etsy, Make and Instructables, crafters all over the world have reinvented the medium of needles and yarn in ways both common and strange.
But a social network for knitters? As strange as it sounds, Ravelry is just that. Yarn enthusiasts can sign up and connect with other knitters, share patterns and compare stashes of yarn. There’s even a section called Ugh! that documents disastrous projects.
Ravelry was created in 2007 and is currently in beta testing. The wait between signing up and actually receiving an invitation to join can take anywhere from a few days to a week or two, depending on demand. In addition to being a site where knitters can connect, Ravelry also features some useful organization tools: a queue for projects, a yarn and needle inventory, and documentation of all of your projects.
Ravelry currently has more than 150,000 users and plans to launch sometime in 2009.
Helzerman's Odd Bits covers news related to social networks, Internet crime and scams, computer technology, hacks/DIY, and communications. For more information, see our About page.