Hey guys, this one is for all of you Tweeters. Phishing happens all the time, but I saw this particular attempt today so I figured I’d raise some awareness. Learning good internet practices never hurts anyway.
So, the scam starts off like this: You receive a direct Tweet from one of your Twitter buddies; they’re letting you know that somebody is talking smack about you.
Alright, it’s a tiny url link, so you can’t really see anything fishy at this point. It may be improbable but heck, who isn’t curious about gossip? Particularly gossip about oneself! So you take the bait and it brings you to this page.
Seems legit at first glance (the shams always do) the layout looks familiar, the Twitter logo is up there but oh, you’ve got to log in. Look closely at the address. This is NOT Twitter.com, this is itvviter.com – slick eh. Anybody who logs in is in fact supplying their twitter credentials to people with malicious intent, and they will certainly attempt the phishing attack on YOUR twitter friends now.
Rule of thumb before logging in to ANY site – unless you typed in the website’s address yourself, take a close look at the URL of the site you’re at. Don’t assume that it’s the real thing because it looks right; that’s playing right into the scammers’ hands. However, If you ever do feel that you’ve been compromised, make sure to change your password immediately from a trusted location such as a home PC or laptop.
Twitter is now reporting that malicious link as potentially dangerous. It’s nice to see that they are on top of their service, but that’s just one ant. Stay vigilant!