Twitter phishing: hunt for a whale

| | No TrackBacks
twitter_phishing.jpg

For several days Twitter users have been hit with a massive phishing attack.

The attack itself was very similar to the majority of other attacks of this kind. If you have spotted a message containing "This you????" string, and a shortened URL, you could become a victim as well. The link leads to a false Twitter site where you are offered to enter Twitter credentials to enter.

Needless to say that users that fell prey to this trick provided their Twitter accounts to the scam artists and the "phished" accounts were sending the dangerous messages further. I only have seen a dozen of such messages in my direct messages box on Twitter. Many of my friends have seen hundreds.

Phishing performed via email messages is now classic. Even though it finds their targets, it's a kind of evil we all know of. It's amazing that people well aware of email phishing, were careless enough to get caught by Twitter version of the same scheme.

Cyber threats evolve and change appearance all the time. Looks like the association "email - phishing" is so strong, that people do not suspect they can be tricked when they see a link in a strange private message.

Now imagine an account is taken from you by phishing in a facility (such as Facebook) that serves as an authentication means to a number of other sites (i.e., acts like an OpenID provider or similar means). The obvious consequence? Your mistake can cost you not only the Facebook account, but several others in other network services.

The conclusion is: if you are urged to click a link, think twice before doing that.

Note: there are sites like Artists Against 419, where a number of fake sites are listed and the lists are updated often.

No TrackBacks

TrackBack URL: /blog/mt-tb.cgi/84

blog comments powered by Disqus

About this Entry

This page contains a single entry by Konstantin Boyandin published on February 25, 2010 12:25 PM.

China leads the world in hacked computers - the Age of Kraken dawns? was the previous entry in this blog.

Network monitoring: means to prevent Web site problems is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.