I personally received the following direct message on Twitter from someone I know quite well:
hey! check out this funny blog about you…
It’s a link to a fake blogspot URL that redirects to a phishing URL for Twitter. The page looks the same as the real login page, but the actual URL is:
http://twitterblogs.access-logins.com/login (WARNING THIS IS A PHISHING SITE)
If you visit the page, you’ll see a phishing warning from Firefox.
Later on I also received the following DMs on Twitter.
hey look at this funny blog http://rosalierebyb.blogspot.com/
fixed it.. hehe here is that blog i wanted to show you
You’ll notice that in the last one they have moved to using the direct phishing URL rather than the blogspot one, as Google closed down the blogspot account used for phishing.
It seems quite widespread, meaning a lot of people have fallen for this and there are a lot of compromised Twitter accounts out there.
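The check that matters here is the host the "login" link really points to, not how the page looks. The following is an added example, not code from the original post: it assesses the two URLs quoted above plus constructed look-alikes, assuming twitter.com is the only legitimate login domain. The function name and finding labels are hypothetical.

```python
from urllib.parse import urlsplit

# Assumption for this example: twitter.com is the only legitimate login domain.
LEGIT_DOMAINS = ("twitter.com",)
BRAND = "twitter"


def assess_login_url(url, legit_domains=LEGIT_DOMAINS, brand=BRAND):
    """Return a list of findings; an empty list means the host checks out."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    findings = []

    # Exact match or a true subdomain; "twitter.com.example.net" must not pass.
    on_legit = any(host == d or host.endswith("." + d) for d in legit_domains)
    if not on_legit:
        findings.append("host-not-legitimate")
        # Brand name used as a label on somebody else's domain.
        if brand in host:
            findings.append("brand-in-foreign-host")
    if parts.scheme != "https":
        findings.append("no-https")
    # "https://twitter.com@example.net/" puts the real host after the "@".
    if parts.username is not None:
        findings.append("userinfo-in-url")
    return findings


# The first two URLs are quoted in the post; the rest are constructed samples.
SAMPLES = [
    "http://twitterblogs.access-logins.com/login",
    "http://rosalierebyb.blogspot.com/",
    "https://twitter.com/login",
    "https://twitter.com.example.net/login",
    "https://twitter.com@example.net/login",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", assess_login_url(url) or "ok")
```

The blogspot link carries no brand name at all, so only the host comparison catches it; a redirector like that has to be judged by where it lands.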
There’s some good info on the whole thing here:
If you have received any of the above or similar direct messages from anyone on Twitter do let them know and inform them they should change their password ASAP.
SANS/ISC have also mentioned it here:
And the folks over at Twitter have blogged about it too: