Twitter users are receiving direct messages (DMs) saying, “hey! check out this funny blog about you…” along with a link to blogspot.com. This simply a ploy to get information -in this case your Twitter user name and password. There is no funny blog about you.

Twitter users who receive the messages, either on their Twitter page or on their mobile device, are directed to click on the bogus link and when they do, they see a screen that looks like the Twitter site, but is actually a fake (see screen shot below -courtesy of The Twitter Blog). The phishing site url is twitter.access-logins.com (Note that the domain name before .com is access-logins and not twitter).

Once the user name and password are entered, the phishing program is able to access the user’s account and send the same phony message to all of users on the victim’s friend list. In this way, the scheme is very similar to the Facebook wall post phishing scam that went around over Christmas. In that version, users were told their photos had been posted to sites with names including floatclick.com, bakespoil.com, and wagfloat.com.

Twitter users have been vocal in sharing information and warning others about the attack.  Check out #phishing to read and join the latest discussion.

The same advice given for the Facebook scheme applies here,

Never click on any unknown link, even if sent from a friend.

Specifically, if you want to visit Twitter, do not click on a link to the site.  Open a window or tab in your browser and type in the url.

Always double check the url on the top of the page you are browsing and make sure it is the real domain (for example, ebay.com and not your-ebay-account.com).

Click for details from the official Twitter blog

Related posts

• Facebook Accounts Hijacked to Send Spam in Phishing Scheme (24)
• Weird Web – Sites For When You’re Truly Bored (2)
• Microsoft, Yahoo!, Western Union and African Combat Internet Lottery Scams (4)
• First Twitter, now celebs flock to iGoogle, but do we care? (2)
• Yahoo! Mash Goes Under -Did You Know it Existed? (0)

AOL Stalker – In 2006 AOL accidentally released private search data from its users setting off a wave of controversy around how search companies such as AOL, Yahoo, Microsoft, and Google store and use data. Today Microsoft keeps personally identifiable information (a user’s IP address) for 18 months. Yahoo destroys this information after 90 days and Google keeps an IP address for nine months. After that time some companies will delete the whole address while other companies will delete the last two digits only. Even this is a point of controversy as the preceding digits can still tell a lot about a users location much like the first few digits of a phone number such as the area code.

AOL stalker is a private website that was set up in 2006, when the AOL search data was leaked. That data did not come attached with names, however the user numbers are listed. The site allowed visitors to type in either a user number or search term and see the results which were at times funny, strange, or tragic -searches that describe pregnancies that may or may not have resulted in birth, cancer scares, and bizarre searches around murders and crime scenes.

Today users can see the 2006 results or up to the minute results that show IP addresses minus the last two digits.

Cracked.com – Cracked.com is one of those wonderful websites that serves absolutely no useful purpose but will keep you occupied for hours.  Where else can you find artciles with titles like “9 Awesome Places to Have Sex (And the Horrific Consequences)”?

My recommendations for passing the time during a particularly boring workday:
25 Worst Rapper Names of All Time
7 Crappiest “Super Heroes” in Comic Book History
The 10 Creepiest Craigslist Sexual Encounters
5 Homeless Guys Who Accomplished Awesome Things

419eater.com – Unless you have managed to avoid getting an email account, you have likely received a message at one time that promised a large inheritance, said you won the lottery, or offered money for cashing checks. Perhaps you received a strange email that looked something like this:

I am Mrs. Rose Nkama. I was married to late Mr.Nkama,The CEO Veekrol Link Ltd London United Kingdom, a seasoned contractor in England.Before he died in the year 2006. We were married for eleven years without a child. He died after a brief illness. When my husband was alive,he deposited EUR 4.3 EURO with a security company…

Most of these scams fall under the broad umbrella known as advance-fee fraud or “419 scams” -so named because 419 is the code for fraud under Nigeran law and many of these scams once originated in Nigeria. Today they are in place all over the world including Russia, Vietnam, the UK, and the United States, and some of the first advance fee fraud scams started in Spain and were known as Spanish Prisoner scams.

419Eater is a site devoted to turning the table on the scam artists. Site members answer these emails and “bait” the scammers by pretending to be victims, often adopting funny character names such as “Luke Skywalker” or “Captain Morgan” with surprisingly funny results. It’s easy to loose hours of time reading this correspondence, browsing scam artist photos and watching videos.

Related posts

• Microsoft, Yahoo!, Western Union and African Combat Internet Lottery Scams (4)
• Twitter Hit With Phishing Attack (0)
• Google terminates advertising agreement with Yahoo! (0)
• Facebook Accounts Hijacked to Send Spam in Phishing Scheme (24)
• AOL Lists Top Web, Video, Moble Searches of 2008 (1)

“Are you aware that your profile pix are all over bakespoil-com-you gotta see it?” Messages like this one telling people that their pictures have been posted to unknown sites are spreading across Facebook. In most cases, users will see these messages as “posts” from trusted friends on their Facebook profile pages. Accustomed to trusting their friends and worried about having their photos posted on strange websites, people copy and paste the website link into their browsers, which is when the trouble begins.

This is the latest address-book scam to hit Facebook and it works like a classic phishing scheme. Users receive a message from a trusted friend:

“Did you upload your images at floatclick-com-have you seen it.”

Trusting their friend, the user copies the link into their browser (the links in the Facebook “wall post” are not clickable themselves).

Once the user enters the link, they are brought to a site that will bring up pop-up ads and ask for information including including the user’s email and their friend’s email under the guise of needing this info to show the user their pictures.

This is where the phishing begins. Through any of a number of techniques, the user is “tricked” into providing the site with enough information so that it may access the user’s Facebook account and friend list.

Once this happens, the user’s account is used to send these same messages to all of their friends and the cycle begins again.

Here is a screen shot from a friend’s Facebook account which was hit by this scheme. Over the course of 24 hours, his account sent hundreds of messages to his friends about phony photos. The screen shot below shows a five minute period:

The domains mentioned in the messages are registered to “Victoria David,” which may be a fake name, and appear to have been registered within the last week.

Most phishing schemes are technically simple and rely on trickery to get information such as user names, email and passwords. They are surprisingly effective, sometimes more so than more advanced hacks and viruses. For example, although most of the contacts on my friend’s Facebook list are very technically savvy people with the latest anti-virus software, several willingly went to the phishing sites and gave up their personal information despite the fact that, 1. the posts were grammatically incorrect and our friend is a writer, and 2. they had never posted their messages to any of the listed websites. They visited the sites simply because it didn’t enter their minds that a friend would send them to a scam site -and of course he didn’t, but the phishing scheme that hijacked his Facebook account did.

The same common sense approach that one uses in email -never click on or visit an unknown link, even from a friend- applies here. Most people on my friend’s list did the right thing, which was to either ask him if the message was really from him or, knowing that it couldn’t be, they simply deleted it so that no one else seeing their Facebook wall would read it and get taken in.

Update Dec 29 – Here are some of the names of sites being used in this scheme: hiderush.com, bakespoil.com, floatclick.com, wagfloat.com, climbfloat.com, swimstroll.com, boastsing.com, spoilsail.com, mixclang.com, blinksnap.com, poachbang.com, cutboast.com, stuffrattle.com, wrestlegrowl.com, screechclimb.com, laughrattle.com, blendgrowl.com, stuffcrush.com, blinksnap.com

Often times these links are shown as nonclickable (eg hiderush – com, floatclick – com, bakespoil – com, wagfloat-com, etc.)

Some examples of posts are:

“I heard your profile pictures are on boastsing-com-take a look”
“since when have your pics been up on spoilsail-com-check it out.”
“your pics are on mixclang-com-check it out.”
“Has anyone told you there’s a website showing your pictures its laughrattle-com-check it out”
“did your see that cool site with your pictures on it wrestlegrowl-com-you gotta see it.”

Related posts

• Twitter Hit With Phishing Attack (0)
• Weird Web – Sites For When You’re Truly Bored (2)
• Microsoft, Yahoo!, Western Union and African Combat Internet Lottery Scams (4)
• Yahoo! Mash Goes Under -Did You Know it Existed? (0)
• Time to Come Out? National Coming Out Day is October 11 (0)

For anyone who has ever asked, “Does anyone really fall for those lottery emails?” the answer is a resounding “Yes.” According to research commissioned by Microsoft on lottery scams, one in 44 Internet users has been a victim of Internet fraud in the last 12 months. Those who do not think they’re winning the Lottery may be victims of other variations of advance-fee fraud including inheritance “419” scams, lonely hearts, and a variety of opportunistic scams playing on disasters in the news (scams involving fake charities, abandoned travelers/workers, etc.).

Tim Cranton, associate general counsel for Worldwide Internet Safety Programs at Microsoft, said, “This online threat differs from those that try to exploit software code or attack computers. Lottery scammers prey not on software, but on the hope of their victims — and with scams that can be so creative and plausible, internet users simply don’t know whom they can believe. Microsoft is announcing this coalition with the African Development Bank, Western Union and Yahoo! today with the goal of helping to better ensure end-to-end trust in the internet for everyone.”

Much of the money changes hands through Western Union which has branches throughout the world.

“It’s a common perception that only naive and extremely gullible people fall victim to lottery scams. However, it can happen to anyone, especially those who are experiencing financial pressure,” said Christopher Fischer, senior counsel EMEASA, Western Union Financial Services.

Last week, Microsoft Corp, Yahoo! Inc, Western Union and the African Development Bank announced the formation of a coalition to raise global awareness among consumers of the threat posed by lottery hoax e-mails. Through this collaborative effort, the coalition members will educate internet users so they are better able to protect themselves against fraudulent activities online.

The companies provided detail in their announcement:

Lottery scammers often misappropriate or misrepresent established and credible brands to add authenticity to their hoaxes. The huge volume of e-mails they send coupled with the fact that their use of the internet enables them to transcend national borders makes it hard to understand the true scope and range of their activities.

To address this, victims of lottery scams that involve any of the coalition companies’ brands or services can report their experience to their local police authority. Interpol will communicate with national law enforcement agencies to inform them of the initiative and provide guidance on critical information to collect.

Victims will be invited to send a copy of the police crime report to the relevant coalition company member. Each company can then apply its own in-house investigative expertise in an effort to identify trends and common patterns, such as multiple scams emanating from the same geographic region.

“All four companies share a common interest in addressing cybercrime and online scams,” said William Godbout, chief security officer at African Development Bank. “There has been an exponential increase in the volume of online criminal activity using our trademark. Although there is no financial loss to the bank, these crimes impact our reputation and image. The reputation of African banking, of African development institutions and of the African continent in general are significantly jeopardized by the explosion in cybercrime falsely using African entities. With the assistance of our partners, in conjunction with both international authorities and local African law enforcement organizations, we will prosecute this criminal activity to the greatest extent possible.”

Victims of lottery scams can report cases by sending their police crime reports to the following dedicated and security-enhancedaddresses:
African Development Bank – security@afdb.org
Microsoft – lotfraud@microsoft.com
Western Union – spoof@westernunion.com

Related posts

• Weird Web – Sites For When You’re Truly Bored (2)
• Twitter Hit With Phishing Attack (0)
• Facebook Accounts Hijacked to Send Spam in Phishing Scheme (24)
• Yahoo! Mash Goes Under -Did You Know it Existed? (0)
• Yahoo! launches social site to encourge acts of kindness (7)