Twitter Phishing: DMs of Doom

Share: Email Story Twitter Facebook Stumbleupon Add to Any
by Jordan Yerman | January 5, 2009 at 09:12 am
113 views | 0 Recommendations | 0 comments

Photos

DM phishing-Photo-01

DM phishing-Photo-01

see larger image

uploaded by Jordan Yerman

Twitter's DM (Direct Message) capability has led to the all-too-predictable malware attack. In this case, a fake blog link leads the victim to divulge their login credentials, and the zombification of the victim's Twitter account is complete.

The cycle then repeats, with the pwned accounts sending out yet more DMs to yet more random people. To anyone familiar with spam and phishing, these messages are instantly suspicious (who's Stacy A. McCullough?), but this is clearly affecting a lot of people, based on my junk-mail folder.

The scam operates like any typical Windows worm and begins with a DM from a victimized Twitter follower. That direct message contains a link to a malicious (and unnamed) domain that screams “password stealing”.

Source: technosailor.com

The fake Twitter landing page looks pretty much identical to the real deal, but the URL is the dead giveaway.

It bears repeating: do not open DM links from users you don't know.

Advertisement
Share: email story | add to any | | facebook | stumbleupon

Comments (0)

This story was created over 3 months ago, the comment thread is now closed.

in , , ,

NowPublic on Facebook

What is NowPublic?

NowPublic lets people work together to cover news events around the world.

Find out more

Crowd Power

These members have powered this story:

Related Stories

Track this Story

 

closeSign in to NowPublic

Not a member?

JoinIt's free!

is reporting from
Member
NP Rank: