Phishers Procure Twitter Passwords via Direct Messages

According to security experts, a new phishing scam is making rounds on Twitter that attempts to steal log-in details of users, and then send scam messages to almost every contact in their address book, so as to trick them as well.

Users receive a direct message that reads "ROFL this you on here?" and appears linked to a video site. However, when the user clicks on this link, he gets redirected to a forged Twitter webpage, wherein he is asked to give his log-ins.

This particular scam involves tricking Twitter users through direct messages, a feature that enables users to interact with each other via personal messages.

The phishing scam was reported on September 23, 2009 on the Mashable blog, which stated that it received several reports in context of this particular scam, as reported by pcworld.com on September 23, 2009.

However, it can not be clearly stated whether this scam is a mere prank, or it is being circulated for some wicked motives. Domain name which was used in this case was registered on September 23, 2009. It is found that the user who had registered the domain name belongs to China. It has also been found that his e-mail address has been associated with various scams of similar nature.

Furthermore, it is quite easy for any one to fall in the trap, because unlike previous attacks, messages here appear as direct messages from friends and other trustworthy sources. This is only the latest among numerous scams to affect the popular microblogging site as cyber crooks are trying to make huge profits by exploiting the immense popularity of the site.
It's not the first time that a phishing scam has targeted Twitterverse. A similar phishing attack occurred in January 2008 that caused severe troubles for the site. A direct message, with a link, was sent to users' account to trick them into clicking the link. The message read, "Hey! Check out this funny blog about you".

Finally, Twitter has warned users of the phishing attack, stating that they must avoid clicking on any creepy message and must not provide their log-in details to any one blindly, reported eweek.com on September 23, 2009.

Related article: Phishers Expand Their Sphere of Attacks

» SPAMfighter News - 14-10-2009

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial