Twitter Hit With Phishing Attack
Twitter users are receiving direct messages (DMs) saying, “hey! check out this funny blog about you…” along with a link to blogspot.com. This simply a ploy to get information -in this case your Twitter user name and password. There is no funny blog about you.
Twitter users who receive the messages, either on their Twitter page or on their mobile device, are directed to click on the bogus link and when they do, they see a screen that looks like the Twitter site, but is actually a fake (see screen shot below -courtesy of The Twitter Blog). The phishing site url is twitter.access-logins.com (Note that the domain name before .com is access-logins and not twitter).
Once the user name and password are entered, the phishing program is able to access the user’s account and send the same phony message to all of users on the victim’s friend list. In this way, the scheme is very similar to the Facebook wall post phishing scam that went around over Christmas. In that version, users were told their photos had been posted to sites with names including floatclick.com, bakespoil.com, and wagfloat.com.
Twitter users have been vocal in sharing information and warning others about the attack. Check out #phishing to read and join the latest discussion.
The same advice given for the Facebook scheme applies here,
Never click on any unknown link, even if sent from a friend.
Specifically, if you want to visit Twitter, do not click on a link to the site. Open a window or tab in your browser and type in the url.
Always double check the url on the top of the page you are browsing and make sure it is the real domain (for example, ebay.com and not your-ebay-account.com).
Click for details from the official Twitter blog
Popularity: 53% [?]
Related posts
This entry was posted on Sunday, January 4th, 2009 at 9:11 pm and is filed under Crime / Scams, News. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
