Twitter phishing scam: Not so Tweet

No matter how nice your Net neighborhood is, eventually the scum of the earth will move in next door. And so it goes with Twitter.

The Twitterati are all atwitter about a phishing scam that hit over the weekend. The phishing tweets came in the form of direct messages – essentially private texts only Twitter friends can send and only you can see. Typically the message says something like "Hey, check out this funny blog about you" with a URL attached. The link takes you to a site that looks exactly like the Twitter login page, only the address is twitter.access-logins.com/login/. That is a subdomain of access-logins.com, not anything under twitter.com.

[Image: Twitter fake log on page]

If you fall for the trap and log in, they’re off to the races with your Twitter name and password.

What good are Twitter logins and passwords to your average dirtbag? As with email addresses and spam, the phishing scammers can use your identity to send tweets to your friends in order to drive them to Web sites. (The idea being that you'd trust people you know more than total strangers.) They might collect a few pennies from the site owner for each visitor, or the site could do a drive-by install of malware and absorb your machine into a bot network…

For the rest, see my Culture Crash blog at Computerworld.
