22-02-2010

Latest Twitter Phishing messages   

Do you Twitter? Security experts are warning Twitter users of yet another phishing attack aimed at stealing usernames and passwords.
These malicious tweets are often a message such as 'LOL. this is me?' or 'LOL, this is funny?', and a further link including the term 'bzpharma.net' this then leads the user to a fake Twitter log-in page. When you enter your credentials on this fake page users are then shown a fake Twitter 'fail whale' before being redirected back to the real Twitter main page. This means that the user may not actually realise that their credentials have been compromised, as at the next log in on the real page you can gain access.
Twitter staff have suggested that these phishing messages are only sent by direct message, others have warned that they are also being posted in public fields.
"It appears that the messages are being shared more widely because of third-party services like GroupTweet which extend the standard Twitter direct message functionality and allow private messages to be sent to multiple users, and optionally made public," wrote Sophos senior technology consultant Graham Cluley in a blog post. He added "As a result we have found Twitter accounts that have warned their followers about the phishing attack, only to subsequently fall victim to it themselves."
Cluley advised any users tricked into handing over their credentials to change their username and password immediately.
Sophos' latest annual threat report found the number of spam and malware attacks taking place on social networking sites over the past year had risen by a huge 70 per cent.

 

Latest News
20-12-2011
AVG Support
13-09-2011
Virus Threats
01-09-2011
Lights out?
09-08-2011
Summer savers?
30-05-2011
Skype issues
03-05-2011
Do you TMS?
07-03-2011
Windows 7 SP1
01-01-2011
Skype issues?
02-08-2010
Office 2010
03-05-2010
OFFICE 2010
08-04-2010
More Hoax Mail
05-11-2009
Google Wave
22-09-2009
Facebook Scam