Phishers Now Hitting Twitter

Facebook is no longer alone in its troubles. Twitter is also becoming a target of phishers. The last few days have seen a slew of Twitter phishing attacks, possibly orchestrated in a chess-like multi-move plan that resulted in three sets of victims and, very likely, some seedy profits.

The scheme appears to have begun Thursday with the creation of bogus Twitter accounts, which the scammers used to “follow” other users, says Rik Ferguson, a senior security advisor at security-software maker Trend Micro. If these users checked out the profiles of their new followers and clicked on the Web addresses there, they were redirected to a fake Twitter site where they were prompted to hand over their passwords. In a smooth move, the site’s address was (notice the double “v” and single “t”), likely an effort to reassure anyone who glanced at the address bar.

To increase the odds of this all happening, the bogus twitterers were usually “hot women,” Mr. Ferguson says. “It’s always preying on blokes being stupid, which is about right.”

From there, the marks were passed back to the real Twitter and provided some additional new, hot followers. If they visited those followers’ profiles and clicked on the Web links there, they were off to see some fairly X-rated “dating” sites. Mr. Ferguson suspects the scammers were earning money from the dating sites for each click from these potential customers.

The phishers also launched another phishing effort. From the accounts they compromised, they tweeted messages cheerfully telling followers “there is this funny blog going around” and offering a shortened URL that led, once again, to a fake Twitter page encouraging people to type in their passwords. Within a few hours, thankfully, Twitter cleaned up all these messages about the funny blog and reset those people’s passwords.

But there was still the matter of people who went to read the “funny blog” and gave away their passwords. Twitter didn’t know who this third group of victims were. Well, that mystery may have been solved on Sunday, when hacked accounts were used to tweet large amounts of spam pushing $5 acai berry diet supplements. (Those were soon followed by apologetic tweets from the owners of said accounts.)

Here are some tips on how to avoid getting caught up in these kinds of phishing scams:

  1. Be careful what you click on. It may be part of a phishing ploy and, worse, it could be malicious.
  2. Before entering your login name and password in a Web site, check the address bar carefully to make sure you’re on the site you think you’re on.
  3. Be especially wary of shortened URLs, which could obfuscate a bad site. To check where they lead, visit longurl or install one of its Firefox plug-ins, which let you hover over a shortened link and see the true destination before you click.
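The address-bar check in tip 2 can also be automated. The sketch below is an added example, not code from the article or from Twitter. It flags hosts that only look like a trusted login domain, using the letter-swap and dropped-letter tricks described above. The trusted list, the substitution table and the sample hostnames (constructed, under the reserved `.example` TLD) are assumptions.

```python
from urllib.parse import urlsplit

# Assumption: the login domains the reader actually trusts.
TRUSTED = {"twitter.com"}

# Assumed, non-exhaustive visual substitutions used in lookalike addresses.
LOOKALIKES = (("vv", "w"), ("rn", "m"), ("0", "o"), ("1", "l"))


def registrable(host):
    """Naive last-two-labels domain; a production check would use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def skeleton(name):
    """Fold lookalike sequences to the letter they imitate, then collapse doubled letters."""
    for fake, real in LOOKALIKES:
        name = name.replace(fake, real)
    out = []
    for ch in name:
        if not out or out[-1] != ch:
            out.append(ch)
    return "".join(out)


def classify(url):
    """Return 'trusted', 'lookalike' or 'unrelated' for the host in a URL."""
    host = (urlsplit(url).hostname or "").lower()
    domain = registrable(host)
    if domain in TRUSTED:
        return "trusted"
    label = domain.split(".")[0]
    for good in TRUSTED:
        brand = good.split(".")[0]
        # Same skeleton: a "vv" for "w" or a dropped "t" still matches.
        if skeleton(label) == skeleton(brand):
            return "lookalike"
        # Brand name present, but only as a sub-domain of some other site.
        if brand in host:
            return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    # Constructed sample URLs, not addresses taken from the article.
    for u in ("https://twitter.com/login", "http://tvviter.example/login",
              "http://twitter.com.login.example/", "https://example.org/"):
        print(f"{classify(u):10} {u}")
```

The same function can be pointed at the expanded form of a shortened URL (tip 3) once the redirect target is known.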

If you have gotten caught up in a phishing scam you should:

  1. Change your password immediately. And if you have used that password for other sites, change those too.
  2. Protect your friends by deleting phishing or spam messages from your Twitter feed, Facebook Wall or wherever they were posted or by warning them not to click on URLs in a scam email seemingly from you.
  3. Run an antivirus scanner, especially if you have a Windows PC. There are many free ones, including from Symantec and Microsoft.

