Twitter gets ultimate compliment: a phishing scam
By John Lister
When it comes to social networking, irritation is the sincerest form of flattery. Twitter can now consider itself as mainstream as Facebook or MySpace after playing unwitting host to a phishing scam.
The scheme is remarkably unsophisticated but does take advantage of the benefits of a social network site. The scammers send a message, usually some variation of ‘here’s a funny blog’ or ‘get a free iPhone’, with a link. This takes the user to a bogus Web site such as ‘twitter.login-access.com’, where they are asked to type in their user name and details.
If they do so, their account is then used to send more bogus messages. Even if most people don’t fall for it, it’s a numbers game: if one in ten people hand over their details and they have 100 followers, the same one in ten ratio produces 10 new victims, and so on.
Unlike phishing with bank accounts, the people behind it aren’t trying to get access to money. Instead the goal seems to be to get access to enough accounts to send out advertising messages – in other words, spam.
Twitter is warning users about the practice, the simple rule being to never type in your user details on any site other than twitter.com. The site is automatically resetting the passwords of anyone caught by the scam, presumably by detecting accounts that carry messages known to be from the spammers.
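The "only on twitter.com" rule can be checked mechanically by looking at the host a link really points to rather than at whether the word "twitter" appears in it. The following Python is an added example, not part of the original article; the https requirement and every sample link except the host twitter.login-access.com are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# The only site the article says should ever receive Twitter credentials.
TRUSTED_DOMAIN = "twitter.com"


def login_host(url):
    """Return the lower-cased host a URL really points at, or None."""
    try:
        host = urlsplit(url).hostname  # drops any user:pass@ prefix and :port
    except ValueError:
        return None
    if not host:
        return None
    return host.rstrip(".").lower()  # "twitter.com." is the same host


def is_trusted_login_url(url, trusted=TRUSTED_DOMAIN):
    """True only for https URLs on the trusted domain or one of its subdomains."""
    try:
        scheme = urlsplit(url).scheme
    except ValueError:
        return False
    host = login_host(url)
    if scheme != "https" or host is None:  # https is an added assumption
        return False
    # Match whole DNS labels from the right: "twitter.login-access.com" merely
    # starts with "twitter", and "nottwitter.com" merely ends with the string.
    return host == trusted or host.endswith("." + trusted)


# Constructed sample links; only the second host comes from the article.
SAMPLES = [
    "https://twitter.com/login",
    "https://twitter.login-access.com/login",
    "https://twitter.com.login-access.com/",
    "https://twitter.com@login-access.com/",
    "https://nottwitter.com/login",
    "https://TWITTER.com./login",
]

if __name__ == "__main__":
    for link in SAMPLES:
        verdict = "ok" if is_trusted_login_url(link) else "DO NOT LOG IN"
        print(f"{verdict:14} {login_host(link)}  <- {link}")
```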
Several high-profile users appear to have been affected. Barack Obama’s account briefly carried an advert for the chance to win $500 worth of gas for carrying out a survey. Stephen Fry posted that 20 of the people he followed had been hit by the scam though, contrary to some reports, he doesn’t appear to have fallen for it himself.
However, the people behind the scheme appear to have either struck lucky with their victims, or found a more sophisticated way of hacking into their accounts. Several celebrities have had more personal (and presumably bogus) messages appear, including Britney Spears apparently updating fans on the dimensions of her more personal regions.
Meanwhile the offenders are at least fair and balanced in their treatment of news outlets. Not only can followers learn of CNN’s Rick Sanchez that “I am high on crack right now might not be coming into work today”, but Fox News announced “Breaking: Bill O Riley is gay”.

January 6th, 2009
The Twitter accounts of US president-elect Barack Obama, singer Britney Spears and other prominent figures were hacked on Monday and fake messages sent out in their names on the micro-blogging service.
http://www.iwebie.com/britney-spears-twitter-hacked