Phishing on Twitter

The Twitter community has apparently become so mainstream that it is now an interesting target for phishing attacks. Over the last few days there have been reports of several fraudulent messages directed at Twitter users. Users have received direct messages, or email notifications of direct messages, via Twitter saying something like, “hey! check out this funny blog about you…” or “hey, i found a website with your pic on it…”. See screendump here. Another message is about winning a free iPhone. The scams are designed to make you sign in to your Twitter account on a fake site, so that the crooks can get hold of your login and password.

Twitter posted a warning on the site, but if you’re like me and mostly use Twitter through third-party services like TweetDeck, then you wouldn’t see that note. Fortunately, these things spread like wildfire through the community, so it doesn’t take long before someone tweets or re-tweets the message.

It might seem sad, but it would probably be wise to keep an eye on the #phishing hashtag in the future. And have a healthy dose of suspicion toward messages, services or sites that you’re not entirely sure are the real thing. Will the real Twitter please stand up…

