I personally received the following direct message on Twitter from someone I know quite well:
hey! check out this funny blog about you…
It’s a link to a fake blogspot URL that redirects to a phishing URL for Twitter, it looks the same as the real login page but the actual URL is:
http://twitterblogs.access-logins.com/login (WARNING THIS IS A PHISHING SITE)
If you visit the page you’ll see a Phishing warning from Firefox.
Later on I also received the following DMs on Twitter.
hey look at this funny blog http://rosalierebyb.blogspot.com/
fixed it.. hehe here is that blog i wanted to show you
You’ll notice in the last one that they have moved to using the direct Phishing URL rather than the blogspot as Google closed down the blogspot account used for Phishing.
It seems quite widespread meaning a lot of people have fallen for this and there are a lot of compromised Twitter accounts out there.
There’s some good info on the whole thing here:
If you have received any of the above or similar direct messages from anyone on Twitter do let them know and inform them they should change their password ASAP.
SANS/ISC have also mentioned it here:
And the folks over at Twitter have blogged about it too:
- spt v0.6.0 – Simple Phishing Toolkit Available For Download
- Russian Cyber-Crime Market Doubled In 2011
- Targeted Phishing Attacks Carried Out On Gmail – Likely From China
- Twitter DM Phishing Scam
- Using Twitter for Data Mining and Information Gathering
- Twitter Battered By Powerful Worm Attacks
Most Read in Phishing:
- Twitter DM Phishing Scam - 28,870 views
- yahoo password grabber - 19,007 views
- Digital Underground Offering Cheap Botnets For Hire - 14,745 views