Comments on: Phishing Scam Spreading on Twitter

By: Dick Tracey

Dick Tracey — Mon, 04 May 2009 20:23:46 +0000

I often check out DNS records to see where phishing attacks and spam are coming from. Been doing this for at least 10 years now. China is behind most of it and send phishing emails daily. (I get hundreds per day)

Nothing is ever done to stop them and I doubt authorities here can or will do anything about it because as you know just about every product we use in North America comes from China. (smallwares)

The solutions are really fairly simple but that would mean ICAAN would have to take action and we all know that will never happen! These scammers and spammers are all buying their domains from an ICAAN approved outfit. You and anyone else can easily trace domains back to a Chinese acredited register of domains. ICAAN has had thousands and thousands of complaints about this register but does not act.

By: Internet Evolution - Security Clan Editor's Blog - Twitter Tweaks Tweet Security

Internet Evolution - Security Clan Editor's Blog - Twitter Tweaks Tweet Security — Wed, 07 Jan 2009 18:51:15 +0000

[...] large enough and sufficiently integrated into users’ daily online routine to draw the attention of phishers and hackers, who’ve launched apparently unrelated attacks on the micro-blogging site in the last [...]

By: Vorsicht: Twitter phishing | Uhl & Friends – The Media and Marketing Company

Tue, 06 Jan 2009 01:46:06 +0000

[...] einen Tweet von Chris Brogan wurde ich auf folgenden Erfahrungsbericht “Phishing Scam Spreading on Twitter” von Chris Pirillo aufmerksam. Er schreibt über die ersten Versuche des Phisings bei [...]

By: Twitter hit by phishing : Snug’d

Twitter hit by phishing : Snug’d — Tue, 06 Jan 2009 00:37:31 +0000

[...] Twitter users were lured into giving away their passwords in a phishing attack. If you receive an email notification that takes you to any site similar to Twitter look at the URL [...]

By: Twitter Gets Hacked (Twice!) | housley.me

Twitter Gets Hacked (Twice!) | housley.me — Mon, 05 Jan 2009 23:11:21 +0000

[...] know. Chris Brogan posted a warning asking all bloggers to change their passwords, which links to a post from Chris Pirillo that describe a number of rogue direct messages with links to a fake Twitter login [...]

By: Got Hacked?

Got Hacked? — Mon, 05 Jan 2009 19:54:30 +0000

[...] the phishing scam via Direct Message, as reported by many including Read Write Web, Mashable, and Chris Pirillo. The victims include Twitter accounts for Barack Obama, Fox News, Britney Spears, and Rick [...]

By: Phishing scam spreading on Twitter. | Hello (a blog from Stratepedia)

Phishing scam spreading on Twitter. | Hello (a blog from Stratepedia) — Mon, 05 Jan 2009 19:14:39 +0000

[...] Chris Pirillo) By Aaron | January 5th, [...]

By: Network Security Blog » Four information points on Twitter phishing

Network Security Blog » Four information points on Twitter phishing — Mon, 05 Jan 2009 16:22:12 +0000

[...] Phishing Scam spreading on Twitter – This was the first article I read on the Twitter Phishing this weekend. [...]

By: Tara Kelly

Tara Kelly — Mon, 05 Jan 2009 11:11:10 +0000

Exactly why you need a password manager folks. If you get suckered into giving your twitter password away — at least it’s not the same one you use everywhere else too.

http://tinyurl.com/online-vs-offline-pwd-managers

Choose and use a password manager please (and tell your friends to do the same).

By: scott

scott — Mon, 05 Jan 2009 06:12:57 +0000

What do you do if you were drunk on Saturday night and filled in your information?

By: Log Into Twitter And Change Your Password | chrisbrogan.com

Log Into Twitter And Change Your Password | chrisbrogan.com — Mon, 05 Jan 2009 06:03:05 +0000

[...] Here’s why. (amended to please Steve Garfield) [...]

By: Geno Prussakov

Geno Prussakov — Mon, 05 Jan 2009 04:00:15 +0000

I have just received my first spammy Twitter DM from *someone I know*! Apparently, the situation is more complex than I thought. Stay alert, folks!! Refrain from clicking on *any* DM links (even if the message came from a trusted contact/follower). Double-check with the sender first.

By: Eric Gonzalez

Eric Gonzalez — Mon, 05 Jan 2009 03:13:27 +0000

Just checked out the link, and it appears to mimic facebook now.

By: Darius A Monsef IV

Darius A Monsef IV — Mon, 05 Jan 2009 02:07:09 +0000

Maybe I missed an update on this problem being fixed recently by Twitter… but considering I just got a DM with the phishing URL, I think it hasn’t been taken care of.

All twitter needs to do is to add a line of code on the DM form page that checks for blacklisted words, urls, etc. in the message.

For example, if the message trying to be sent includes “access-logins.com” either:

A. Don’t send the message at all and alert the user that the message contained malicious content.

B. Send the message but strip the string and replace it with “malicious content removed.”

*They can also continue to add blacklisted words and urls to this filter over time.

By: Jeff

Jeff — Mon, 05 Jan 2009 01:53:15 +0000

Lol, I went to that website a while ago and when I clicked on the Twitter header there, it led me to the fake Facebook!