There is another Twitter phishing scam making its way through the wonderful world of Twitter. This time it’s targeting your online reputation or your interest in humor to snag you and access your account.
Two of the main DMs (Direct Messages) being sent to Twitter users start with:
“I Saw a Really Bad Blog About You…”
“I Saw This Really Funny Picture Of You…”
Take a look at the DM below.
These are some pretty clever ways to get you to click on the link. I got the one in regards to “a really bad blog about me” and I clicked on it instantly. Why? Because I have an established presence online and value my reputation a great deal in those regards. When I got to the screen though, I noticed two things right away that raised a red flag, as you can see in the picture below.
1. I was now on a log-in screen for Twitter. I was a bit perturbed as I did not know why I was logged out, so I looked up and the second flag was raised.
2. The URL said “twittelr” instead of “twitter”.
I knew right away not to click on this, but it could have easily turned disastrous for me like it has for so many others in this phishing scam. The end goal is to gain access to your Twitter account and continue sending out the DMs to those that follow you and that you follow.
How Exactly Do Twitter Phishing Scams Work?
Phishing basically works like this:
- You get a Direct Message from a hacked account with one of the above messages.
- Once you click on the link and go to the fake Twitter log-in screen, if you proceed to enter your username and password, they have you right where they want you: they now have complete access to your account.
- The program or script the hacker developed then forwards that same DM to everyone in your Twitter account, continuing the path of online destruction.
- By the time they are done, they have access to potentially tens of thousands of accounts.
What To Do If Your Twitter Account Has Been Compromised
- First things first: change your password immediately.
- Send a tweet out to your followers letting them know what happened so their accounts aren’t hijacked also.
- I would encourage you to consider deleting all of your DMs as well. While this step is not a necessary one, it’s one I did just to cover my ass. Sometimes these scripts will attach themselves to other messages and hibernate. Deleting everything in your DM box gets rid of this problem.
Use These Steps To Keep Your Twitter Account Safe From Phishers
- Use a strong password that combines letters and numbers.
- Always be aware of links that look suspicious and make sure you are on Twitter.com before you log in.
- Do not give your username or password to third parties that you don’t know.
- Follow Twitter’s spam and safety accounts here: @Spam – @Safety
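The "make sure you are on Twitter.com" check can be automated for links arriving in DMs. The Python below is an added example, not part of the original post: it flags hosts whose name is a near miss of "twitter", such as the "twittelr" spelling above, and it goes slightly further by checking every label of the host. The function names, the `max_dist` threshold and the sample links are assumptions made for illustration.

```python
from urllib.parse import urlsplit

TRUSTED = "twitter.com"  # assumption: the only domain we accept a Twitter login on


def edit_distance(a: str, b: str) -> int:
    """Edits (insert, delete, substitute, swap adjacent) to turn a into b."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            # Adjacent swap, e.g. "twitetr" vs "twitter", counts as one edit.
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify_login_url(url: str, trusted: str = TRUSTED, max_dist: int = 1) -> str:
    """Return 'trusted', 'lookalike' or 'other' for the host named in url."""
    try:
        host = urlsplit(url if "://" in url else "//" + url).hostname or ""
    except ValueError:  # malformed host part
        return "other"
    host = host.lower().rstrip(".")
    if host == trusted or host.endswith("." + trusted):
        return "trusted"
    brand = trusted.split(".")[0]  # "twitter"
    # A host that is not Twitter's but has a label equal or close to the
    # brand name is imitating it. max_dist=1 keeps false positives low.
    if any(edit_distance(label, brand) <= max_dist for label in host.split(".")):
        return "lookalike"
    return "other"


# Constructed sample links; "twittelr" is the spelling described in the post.
SAMPLES = [
    "https://twitter.com/login",
    "http://twittelr.com/login",
    "https://twitter.com.example.net/login",
    "https://example.org/blog",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify_login_url(link):9}  {link}")
```

Raising `max_dist` catches more distorted spellings but also starts flagging unrelated names that happen to be close to "twitter".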
If anyone else has any other suggestions, please feel free to share them below.