Once upon a time phishing hoaxes were the scourge of our email mailboxes, but now the scamming cretins have moved onto Twitter.
Forewarned is forearmed, and so I’m providing you with an example of a Twitter phishing attack.
Tweet updated on 25 July at 17:00. Updates highlighted in yellow.
It usually starts with an email that appears to be a Direct Message (DM) from one of the people you follow on Twitter. A direct message is private and can only be seen by you, and because it appears to come from somebody you know, you are likely to assume the correspondence is legitimate.
The message contains an urgent warning that you must act upon immediately.
In this example, the direct message says Someone said this real bad thing about you in a blog. The message includes a shortened URL link to go and visit the website.
NB: this phishing scam starts as an email from one Twitter user to another. No hacking has taken place at this point. The villain is just sending out speculative emails, masquerading as a legitimate user. This is just an email phishing attack.
Warning #1: Don’t click on Twitter links unless your Virus/Phishing protection is up to date!
Where does this nasty link take you to?
The link will click through to a very realistic copy of the Twitter home page, just begging you to log in.
Look closely at the web address, however, and you can see this isn’t the Twitter website at all, but rather a Phishing site using the web address http://berichtenversturen(dot)com/twitter-login/
The whole purpose of this scam is for you to give away your Twitter username and password:
Who is responsible for this phishing website?
It is always difficult to get to the bottom of who is responsible for these sites.
One option is to consider who owns the domain name. A quick Whois search shows the details:
Domain name: berichtenversturen.com
yang fan fan yang
shang hai shi huang pu qu CN
And then a brief search on this email address brings up other phishing scams.
Here’s a very interesting analysis of a previous scam apparently perpetrated by the same gang: Overview of the Phishing attack for a Get Out of Debt scam, including very persuasive personalisation for your location.
Twitter Phishing Scam Warning
Twitter does keep an eye on phishing attacks, and some links may take you to the Twitter warning that the site is not to be trusted:
What should you do if you get a Phishing Tweet?
1. Don’t worry about it overmuch. There is lots of this going on, just like we used to all get lots of phishing emails.
2. Make sure your protection on your computer is up to date and configured correctly.
3. When clicking on a shortened URL, always double check that it has taken you to a real website, and not to a phishing address.
4. If you personally know the owner of the Twitter account, then there is a good chance their Twitter account has been hacked. Get in touch with them (not via Twitter, obviously) and tell them to change their password.
5. If you don’t know the owner of the Twitter account, then Block them and report them as Spam in Twitter.
6. Check that the bogus web address has been reported. Phishtank is a collaborative clearing house for data and information about phishing on the Internet.
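The "look closely at the web address" check above (and step 3 of the list) can be automated for the landing page of a shortened link. The following is an added example, not code from the original post: it re-fangs the "(dot)" notation used above, and flags a page that uses the Twitter brand anywhere other than the real twitter.com host, including lookalike subdomains and user-info tricks such as twitter.com@evil.example. The hostnames and sample URLs other than the one from the post are constructed for illustration.

```python
from urllib.parse import urlsplit

# The landing page quoted in the post, written in the post's de-fanged form.
DEFANGED_PHISHING_URL = "http://berichtenversturen(dot)com/twitter-login/"

# Assumption: only the bare domain and its subdomains count as the real site.
REAL_DOMAIN = "twitter.com"


def refang(url: str) -> str:
    """Turn common de-fanged notation ("(dot)", "[.]", "hxxp") back into a parseable URL."""
    return url.strip().replace("(dot)", ".").replace("[.]", ".").replace("hxxp", "http")


def host_of(url: str) -> str:
    """Return the real host of a URL.

    urlsplit() treats anything before '@' as user info, so 'http://twitter.com@evil.example/'
    correctly yields 'evil.example' here rather than 'twitter.com'.
    """
    return (urlsplit(url).hostname or "").lower().rstrip(".")


def is_real_twitter(url: str) -> bool:
    host = host_of(url)
    return host == REAL_DOMAIN or host.endswith("." + REAL_DOMAIN)


def classify_landing_page(url: str) -> str:
    """Classify where a link finally landed.

    'legitimate'  -> host is twitter.com or a subdomain of it
    'lookalike'   -> the brand name appears in the host, path, query or user info,
                     but the host is NOT the real domain (the pattern in the post)
    'other'       -> unparseable, or no Twitter branding at all
    """
    parts = urlsplit(url.strip())
    host = host_of(url)
    if not host:
        return "other"
    if is_real_twitter(url):
        return "legitimate"
    brand_in_host = "twitter" in host                                   # twitter.com.evil.example
    brand_in_path = "twitter" in (parts.path + "?" + parts.query).lower()  # /twitter-login/
    brand_in_userinfo = "twitter" in (parts.username or "").lower()     # twitter.com@evil.example
    if brand_in_host or brand_in_path or brand_in_userinfo:
        return "lookalike"
    return "other"


if __name__ == "__main__":
    print(classify_landing_page(refang(DEFANGED_PHISHING_URL)))  # lookalike
```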