iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > Insider Reports > Insider > Twitter-Based Phishing Scam Raises Alarms
Search:
[ insider_reports_insider ]

Twitter-Based Phishing Scam Raises Alarms



SecurityProNews
Staff Writer
2009-01-05

SecurityProNews: Insider Reports Insider Reports RSS Feed


It was only a matter of time before hackers targeted the increasingly popular Twitter microblogging platform. Over the weekend, phishers sent out direct messages appearing to be from Tweeters, but were really password gathering decoys.

Twitter-Based Phishing Scam Raises Alarms
Twitter-Based Phishing Scam Raises Alarms

A pair of emails hit your humble author's inbox, purporting to be from The Redding Brothers, apparently a local rock band. The emails came with invitations to follow a link and messages that read:
hey! check out this funny blog about you...
http://jannawalitax.blogspot.com/
and
Hey, i found a website with your pic on it... LOL check it out here http://twitterblog.access-logins.com/login
Fortunately, over the years I've become distrustful of Internet strangers in my inbox, especially when they offer links to unknown places, so I didn't fall for the trick.

Twitter founder Biz Stone posted a message at the Twitter blog Saturday, the day direct-messages started making the rounds, to warn users of the scheme. One of the links, the one with the URL twitterblog.access-logins.com/login, leads to a Twitter-spoof page asking for user login information.

"Some folks may have clicked the link and given their Twitter password to the phishing site," writes Stone. "In those cases it would be possible for the phisher to send out direct messages on your behalf which could trick your followers. In those cases, we proactively reset the passwords of the accounts."

Sure enough, when I looked closer at the Redding Brothers' Twitter account, they list me as one they follow and warn, about an hour and a half after I received the supposed direct message, that their account had been hijacked.

VentureBeat reports a similar Twitter-user targeted scam involving the chance to win a free iPhone.

It's unclear what the folks at Twitter will be able to do about the matter and it seems likely Twitter could become a target of future phishing schemes. Cofounder Evan Williams assured the team was working on it, and today's tweet reflects that sentiment:

Mood at Twitter HQ the first work day of the year: Focused anxiety.


About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.

More insider_reports_insider Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds