Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Phishers Procure Twitter Passwords via Direct Messages

According to security experts, a new phishing scam is making rounds on Twitter that attempts to steal log-in details of users, and then send scam messages to almost every contact in their address book, so as to trick them as well.

Users receive a direct message that reads "ROFL this you on here?" and appears linked to a video site. However, when the user clicks on this link, he gets redirected to a forged Twitter webpage, wherein he is asked to give his log-ins.

This particular scam involves tricking Twitter users through direct messages, a feature that enables users to interact with each other via personal messages.

The phishing scam was reported on September 23, 2009 on the Mashable blog, which stated that it received several reports in context of this particular scam, as reported by pcworld.com on September 23, 2009.

However, it can not be clearly stated whether this scam is a mere prank, or it is being circulated for some wicked motives. Domain name which was used in this case was registered on September 23, 2009. It is found that the user who had registered the domain name belongs to China. It has also been found that his e-mail address has been associated with various scams of similar nature.

Furthermore, it is quite easy for any one to fall in the trap, because unlike previous attacks, messages here appear as direct messages from friends and other trustworthy sources. This is only the latest among numerous scams to affect the popular microblogging site as cyber crooks are trying to make huge profits by exploiting the immense popularity of the site.
It's not the first time that a phishing scam has targeted Twitterverse. A similar phishing attack occurred in January 2008 that caused severe troubles for the site. A direct message, with a link, was sent to users' account to trick them into clicking the link. The message read, "Hey! Check out this funny blog about you".

Finally, Twitter has warned users of the phishing attack, stating that they must avoid clicking on any creepy message and must not provide their log-in details to any one blindly, reported eweek.com on September 23, 2009.

Related article: Phishers Expand Their Sphere of Attacks

» SPAMfighter News - 10/14/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page