Tuesday, June 09, 2009

New Twitter Phishing Scam

After Barack Obama and Ashton Kutcher, the latest people to hop on the Twitter bandwagon are cybercriminals. Twitter is a social networking website that allows its users to write “micro-blogs” and since January the site has exploded in popularity. The number of daily visitors has surpassed relative veterans such as Linkedin and Bebo so it should come as no surprise that phishers and other scam artists are following their victims to Twitter.com. What is unusual is the level of sophistication that Twitter phishing has already achieved.

For example, in one widespread phishing attack a hacker creates dozens of dummy Twitter accounts which then begin to "follow" other users. When one of these users decides to check out who's following their micro-blog, they are presented with a link to a site called "tvviter". Notice the trick spelling? Another ploy is to use websites like tinyurl.com which provide redirection services so that victims don't really know where the link will take them. Once they arrive at tvviter.com the victim users find themselves at a fake Twitter login page that is controlled by the phishers. The hackers who set up the imposter web site then use the stolen account passwords to spread adult ads and spyware downloads which can earn big bucks for the phishing hackers. Many users have fallen prey to this phishing scam.

What can you do to stay safe on Twitter and other social networking sites? * Be wary of clicking on any link that looks like “tinyurl.com/kk68ca”, these can take you anywhere on the net!* If you want to preview where the tinyurl link will take you, use the free link preview service at http://www.longurl.org/.* Always double-check the address bar before logging in. Phishing schemes often rely on victims not paying close attention to the URL.* Stay vigilant- the phishers are here to stay, and sooner or later you will be a target.

-- this article courtesy of http://www.digitrust.com/

No comments: