October 14, 2009
Twitter Gets Caught in a New Phishing Net (for OneRiot Blog) You have to hand it to spammers—they’re always coming up with new and different ways to ruin our f$%*ing lives. And given today’s trends, some crafty little phisherman has managed to hook the info from a whole lot of Twitter accounts in just a couple of hours. Here’s the rub: countless Twitter users logged in this morning to discover that they had a new DM (always a joy) featuring a link to a video that, allegedly, included footage of the unsuspecting user doing god knows what.  Since we’re all pretty narcissistic these days, enough people clicked on the shady URL which brought up what looked like the Twitter login page. Ipso facto, users logged in on the faux-Twitter and had their accounts compromised. It seems that enough people got the hint this morning and the threat has subsided, but here at OneRiot we’re totally anti-spam, so below are a couple easy steps that we think will help you avoid this kind of nasty digital ailment in the future. If someone follows you with significantly more friends than followers, chances are they’re trying to sell you—or fool you. Do your best to just report @SPAM, and head back into familiar territory. If you get a DM with a URL in it, even from someone you know, be wary.  Shortened URLs are harder to judge than most; often the best way to determine its safety is just to ask the person who sent it what it’s all about. If they give you a good reason to click…click away. If you like to tread cautiously, don’t follow anybody you don’t know, (or don’t want to get to know.) At very least, make sure you can validate a user’s existence (heuristically or through a little research) before following them back. After all, it makes you look super cool and exclusive if you have more followers than friends.

Twitter Gets Caught in a New Phishing Net (for OneRiot Blog)

You have to hand it to spammers—they’re always coming up with new and different ways to ruin our f$%*ing lives. And given today’s trends, some crafty little phisherman has managed to hook the info from a whole lot of Twitter accounts in just a couple of hours.

Here’s the rub: countless Twitter users logged in this morning to discover that they had a new DM (always a joy) featuring a link to a video that, allegedly, included footage of the unsuspecting user doing god knows what.  Since we’re all pretty narcissistic these days, enough people clicked on the shady URL which brought up what looked like the Twitter login page. Ipso facto, users logged in on the faux-Twitter and had their accounts compromised.

It seems that enough people got the hint this morning and the threat has subsided, but here at OneRiot we’re totally anti-spam, so below are a couple easy steps that we think will help you avoid this kind of nasty digital ailment in the future.

  • If someone follows you with significantly more friends than followers, chances are they’re trying to sell you—or fool you. Do your best to just report @SPAM, and head back into familiar territory.
  • If you get a DM with a URL in it, even from someone you know, be wary.  Shortened URLs are harder to judge than most; often the best way to determine its safety is just to ask the person who sent it what it’s all about. If they give you a good reason to click…click away.
  • If you like to tread cautiously, don’t follow anybody you don’t know, (or don’t want to get to know.) At very least, make sure you can validate a user’s existence (heuristically or through a little research) before following them back. After all, it makes you look super cool and exclusive if you have more followers than friends.
Comments (View)
blog comments powered by Disqus