Phishing for Twitter Passwords

Another day, another phishing trip: Graham Cluley reports on the Sophos blog that direct messages on Twitter that read, “hi. this you on here? http://blogger.djh****.com” (characters intentionally obscured by Cluley), link to what appears to be a legitimate Twitter log-in page and, when users “log in,” the Twitter fail whale “over capacity” message appears.

Cluley wrote:

However, this is a phishing page, designed to grab your Twitter user name and password as soon as you enter them. In this case, the cybercriminals don’t even seem to have made much effort to hide the fact that the site is dodgy—the domain name they have chosen doesn’t look anything like twitter.com and should stick out like a sore thumb to anyone who cares to take a moment to see where they’ve ended up.

When I visited the page, I was then slingshot to another webpage on Blogspot.com claiming to belong to a blogger called NetMeg99. It’s not clear if NetMeg99 is involved in the phishing scam, but there is a suggestion that her Webpage did also try to phish for credentials at one point.

Sophos suggested that victims immediately change their passwords for Twitter and any other sites where the same log-ins are used.

Join Baratunde Thurston (left), The Onion’s Director of Digital and author of How to Be Black, for an entertaining look at creative social media campaigns in our Social Media Marketing Boot Camp starting February 16. Other speakers include Morin Oluwole (Facebook), Tim Devane (bitly), and SocialTimes' writer Devon Glenn.   Register now.