May 22, 2009

Twitter Hit With Evil Phishing Attacks

By admin

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.


Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. (Wikipedia)

Yesterday a series of phishing attacks was launched on Twitter. The goal was to steal users' passwords and then use the compromised accounts to harvest more passwords and to send out links to another phishing site. Phishing attacks are usually aimed at financial institutions like online banks and at information-sensitive services like Gmail, where the profit is greatest.

The end goal of this particular Twitter phishing attack was to make money by redirecting users to adult dating sites, so the scammers can earn money through an affiliate program.

Here is a rundown of what happened in this case. Pay attention, because most phishing attacks follow the same pattern:

In the first Twitter phishing round, hackers created fake Twitter accounts and then started following legitimate Twitter users. Twitter notifies users when they have new followers, sending the user a link to the follower’s Twitter profile page. In this case, the profile page contained a link to a phishing site. So the victim, while investigating his new follower, would end up on the fake site Tvviter(.)com (this page is not safe to visit) where he would be asked to enter his Twitter username and password.

Once the phishers obtained their victims' login credentials, they used them to launch the second round of attacks. In this round, they posted Twitter messages such as "hey check this out" or "Hey, there is this funny blog going around". These messages included a link to another phishing site.

Here are some recommended security precautions you should take note of:

  • Always check the URL in the address bar before entering your credentials for any online service.
  • Never click links from friends if you don’t know where they lead.
  • Obfuscated URLs are becoming an ever more common tool of cybercriminals, so consider using long-url as a browser plug-in to see the true destination of a shortened URL before you click on it.

This is also a reason to consider using Tweetdeck as your Twitter client: Tweetdeck can show you the full URL behind each shortened link before you click on it, which is very useful indeed.