Twitter Users Swindled by New Phishing Scam
Twitter has issued a warning to its users about a new phishing scam which has reportedly tricked some of the users into giving away their passwords. Users may observe a tweet which reads like "OMG I just got over 1000 followers today from Twittercut". A fake website link also follows the message.
The malicious worm-containing link if clicked, directs the user to a spoof Twitter site, requesting for his password and other login details. The scammers seems to exploit the present trend of soaring Twitter followers to hack their Twitter accounts in order to distribute malware and spam on a much larger scale.
The latest phishing attack has been reported of spreading at an extremely faster pace. So far, these attacks have been observed in countries such as Canada, US, Brazil and Sweden. With a blogging site TechCrunch stating that the Twittercut is propagating at a quicker pace than Swine Flu, the extent of this spreading speed can be easily judged.
The Twittercut site is estimated to have been visited by traffic of as much as 13,000 Twitter users. So far, there is no information regarding the number of users who entered their passwords and usernames on the fake site. Later @tweetcut account was found sending same phishing messages, which has been rendered inactive.
According to a message posted on the Twitter's blog on May 27, 2009, Twitter staff helped the affected users in reclaiming charge of their hacked accounts. The message informed the users that Twitter was resetting the passwords for the accounts that were believed to be held-up in the scam.
Now-a-days, hackers have sharpen their attacks on the social networking websites, aiming to capture the account details of users in order to use these accounts in delivering malware and spam in some later point of time. Particularly, since past few days, Twitter phishing assaults have undergone some strategic alteration. It appears as if the attacks have become more organized.
Security experts have suggested users to remain wary of tweets referring to the fradulent website "Twittercut". They should overlook such messages and should not reveal their passwords or other log-in details on fake Twittercut site in any case.
Related article: Twitter Flaw Compels Victims to Follow Hacker’s Account
» SPAMfighter News - 30-05-2009