Twitter Gains Upper Hand on Latest Scam

By JR Raphael, PCWorld Jun 29, 2009 2:14 PM

Sometimes, it seems scams are becoming almost as common as social media experts on Twitter. The latest one, unleashed Monday morning and initially noticed by tech blog Mashable, centers on a fake blog hosted at the domain twittersblogs.com. Tweets containing links to the site circulated rapidly, each featuring the message: "omg!! is it true what they wrote about you in their twit blog?"

Inside the Twitter Scam

Clicking on the twittersblogs.com link takes you to a page designed to look exactly like the real Twitter login page -- except, of course, it isn't. Entering your username and password simply puts your access information into the hands of the hackers, allowing them to login to your Twitter account and use it as they wish.

In this instance, it appears the site primarily used compromised accounts to spread the phishing links further. What, if any, broader goal was behind the effort is not yet clear.

Testing the Twitter Waters

As of this publication, Twitter has yet to mention the scam on its official blog or status update page. When I tested the twittersblogs site using a dummy account, however, the phishing tweet did not get sent (despite my having submitted the account's username and password).

What's more, the last tweet within Twitter Search to contain the original message was sent several hours ago, suggesting that the Twitter team may have since blocked the site's efforts. Still, only the scam's spread has been stopped -- as of now, the links are still scattered throughout the Twitter network. Anyone belatedly clicking them and entering their information would still be compromising their account's security, even if the message isn't being actively retweeted.

The domain twittersblogs.com, for what it's worth, is registered to a "Matt Smith" in New York City, according to DNS records. Neither the phone number nor the address listed appears to be valid. The URL, it's also worth noting, is already being recognized by Google Chrome as a "suspected phishing site."

Fighting the Phishing

Twitter's dealt with similar phishing attacks plenty of times in the past. It's not alone, either: Facebook and other social networks are common targets of these tactics, too.

The good news, though, is that defending yourself from phishing is simple: Be wary of where you click, and use extreme caution when giving out your password. If you don't see "twitter.com" in your browser's location bar, odds are, you aren't on the actual Twitter page. Surf back manually to twitter.com before divulging any of your details -- and, in doing so, keep your profile from falling into the wrong hands.

Connect with JR Raphael on Twitter (@jr_raphael) or via his Web site, jrstart.com.

See more like this:
Twitter,
online security,
phishing

Would you recommend this story? YES NO

Comments

Master Windows 7!

Our expert guide will help you get the most out of Windows 7.

Get the Superguide now!

Stellar Tech Deals

Don't miss out on great deals from around the web.

Subscribe to the Bargain Bulletin

Similar Articles:

Today @ PCWorld

iPad 3 Expected to Have 4G Connectivity The device is expected to be unveiled March 7 and will be available on Verizon Wireless and AT&T, according to one report.
Angry Birds Flocks to Facebook The popular mobile device game comes with new levels exclusive to Facebook, virtual prizes and the ability to send free gifts to your friends and compete for high scores.
PlayStation Vita Review Round-Up The PlayStation Vita is launching on February 22--here's what the reviewers are saying.
Droid 4 Teardown: Four Findings iFixit takes apart the Motorola Droid 4.

Best Prices on Security Software

Norton Internet Security 2012 $20.00 and up See All Prices
Norton Internet Security 2012 (3 PCs) $29.99 and up See All Prices
360 v.5.0 - 3 PC in One Household $32.94 and up See All Prices
Internet Security 2011 3-User $15.00 and up See All Prices

See all Best Prices on Security Software »

See also: Best Prices on Antivirus Software, Firewalls

All PCWorld Blogs

iPad 3 Expected to Have 4G Connectivity The device is expected to be unveiled March 7 and will be available on Verizon Wireless and AT&T, according to one report.
Love and Romance in Game On Podcast #6 Valentine's Day is all about celebrating love and romance in our daily lives, but can you remember the last time you had a meaningful relationship in a video game? Join the PCWorld Editors as they take a light-hearted look at how games can help us learn to love again on this holiday edition of the PCWorld Game On Podcast.
Angry Birds Flocks to Facebook The popular mobile device game comes with new levels exclusive to Facebook, virtual prizes and the ability to send free gifts to your friends and compete for high scores.
Game Boy Runs Android: Best Hack Ever? The PSP Vita may be out next week, but who needs that when you can have a Game Boy running Android?

Subscribe to the Security & Privacy Newsletter - weekly

See All Newsletters »

12 Criteria for Selecting the Best ERP System Replacement An ERP system is your information backbone and reaches into all areas of your business and value chain. Replacing it can open unlimited business opportunities. This white paper explains the 12 criteria that allow you to identify and select the solution that will meet these expectations.
Leveraging Social Computing Technologies for ERP Applications This white paper details how Web 2.0 technologies support business strategies by improving efficiency, productivity, and collaboration.

Today's Special Offers

Editors' Picks

Name	City

Address 1	State	Zip

Address 2	E-mail (optional)