Twitter Phishing Attack...

November 2009

Twitter warned users Tuesday of a new phishing scam on the social networking site. It is the latest in a series of scams that have plagued the site over the past year, designed to trick victims into giving up their user names and passwords. The message reads, “hi. this you on here?” and includes a link to a fake Web site designed to look like a Twitter log-in page. After entering a user name and password, victims enter an empty blogspot page belonging to someone named NetMeg99. Neither of these pages appears to include any type of attack code, but both should be considered untrustworthy, according to a Sophos Technology consultant. Hacked Twitter accounts are a great launching pad for more attacks, he said. “We don’t know precisely what they’re going to do in this case, but often they will send spam messages to advertise a particular site.”