Twitter Overrun with Phishing DMs & iPhone Offers

If you have been active on Twitter today, you have likely noticed or heard about the large number of DMs (Direct Messages) that people are receiving.

It all started with a number of DMs going out saying “hey look at this funny blog http://rosalierebyb.blogspo…”.


When users visited the URL, they were forwarded to a Twitter login page that was not actually from Twitter.


The whole thing was a phishing scheme meant to steal a user's login information and then mass-DM all of their followers with the same message seen above.

Word about the phishing scheme spread quickly, and Twitter even promptly posted a warning at the top of each page, right under the “what are you doing” box.


The linked website in the message was quickly removed from Blogspot.

After word spread about the initial phishing messages, the attackers quickly changed the message to say “fixed it.. hehe here is that blog i wanted to show you http://twitterblogs.access-…”


Again, the message was quickly passed throughout Twitter: avoid visiting the page at http://twitterblogs.access-logins.com/login/, and if infected, change your password immediately.

Unfortunately the phishing website was not taken down and people continued to attempt logging in.

Within the last hour, a mass of DMs has started going out again. This time they do not link to the phishing site, but rather to an affiliate offer to win an iPhone.


Here is what the affiliate site looks like:

[Screenshot: the iPhone offer affiliate site]

It would appear that all the phishing attempts were an effort to access enough accounts to send out this iPhone offer.

What are the odds that the affiliate company is going to actually pay the affiliate on this one…
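Both waves relied on a login page served from a host that only looked like Twitter's. The following is an added example, not part of the original post: it pulls links out of a message and labels each host as trusted, lookalike, or external. The trusted domain list, brand token, function names and sample messages are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumptions for this example: the domains the real service logs in on,
# and the brand strings an impostor host is likely to borrow.
TRUSTED_DOMAINS = {"twitter.com"}
BRAND_TOKENS = ("twitter",)
URL_RE = re.compile(r"https?://[^\s\"'<>“”]+", re.IGNORECASE)


def classify_link(url):
    """Label a link 'trusted', 'lookalike', 'external' or 'malformed'."""
    try:
        parts = urlsplit(url)
    except ValueError:  # e.g. a broken IPv6 literal
        return "malformed"
    host = (parts.hostname or "").rstrip(".").lower()
    if not host:
        return "malformed"
    # Trusted only if the host IS the domain or a true subdomain of it.
    # A substring test would wrongly accept twitter.com.example.net.
    if any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS):
        return "trusted"
    # Brand text anywhere in the authority (userinfo included) of an
    # untrusted host is the impersonation signal.
    if any(tok in parts.netloc.lower() for tok in BRAND_TOKENS):
        return "lookalike"
    return "external"


def scan_dm(text):
    """Return (url, label) for every http(s) link found in a message."""
    urls = (u.rstrip(".,;:!?)") for u in URL_RE.findall(text))
    return [(u, classify_link(u)) for u in urls]


# Constructed sample messages; the first host is the one named in the post.
SAMPLE_DMS = [
    "here is that blog http://twitterblogs.access-logins.com/login/",
    "change your password at https://twitter.com/account/settings.",
    "win a phone http://offers.example.org/iphone",
]

if __name__ == "__main__":
    for dm in SAMPLE_DMS:
        print(scan_dm(dm))
```

A "lookalike" label is a reason to check the address bar before typing a password, not proof of phishing; an "external" link can still host a fake login form.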

Comments


2 Responses to “Twitter Overrun with Phishing DMs & iPhone Offers”

  1. Eric Pederson on January 5th, 2009 12:26 am

    Worse than a typical affiliate offer, the free iPhone site asks for your cell phone number. I expect people who give their information will get billed for $$$ dollar on their cell phone.

    If you’ve not been exposed to it yet, you might be surprised at the blackhat business practices involved in getting people to sign up to mobile content and services that they had no intention of purchasing. $9.99 a month and you’ll have a fine time stopping it, a harder time recovering the first $9.99.

    Don’t give just anyone your cell number (unless they need to call you, of course).

  2. adam on January 5th, 2009 4:41 am

    Hey Brent, I loved that you have brought this new phishing problem to the public's attention. In the last few days I was receiving the very same spam DMs. Luckily, the Firefox browser has already blocked that web site as malware. Additionally, I always report Twitter spam to Twitter HQ and block that Twitter profile from my profile page.
