Please be very careful following any hyperlinks on Twitter. Tonight I received a direct message from someone I follow on one of my accounts. The message includes a link to a fake Twitter login page, which appears to be how that user's account was originally compromised. Watch the video (updated 1/16/2012) if you want to see exactly how it looks and works.
Browser doesn't show Flash, or the video isn't displaying? You can also view it on YouTube.
Updated 1/14/2012 10:25PM UTC-8: Chrome is already flagging the URL shown in the video as a suspected phishing site.
Updated 1/15/2012 7:05PM UTC-8: The fake site is still up and running. I went ahead and reported it to the hosting ISP; unfortunately it is in China, and they probably won't do anything about it.
Updated 1/16/2012 11:33PM UTC-8: This thing is picking up steam in spite of efforts to build awareness. If you receive one of these messages, tell the person who sent it to change their Twitter password. At present whoever is harvesting these accounts is not locking owners out by changing the password, but that could change at any point. Also keep in mind that if you use the same password for other services you should change those too, since the harvested password list is likely to circulate in nefarious circles. Here is a tweet spotted tonight after just glancing at the Twitter stream.
Updated 1/17/2012 2:39PM UTC-8: Surprisingly, something this simple, which would be dead already if it weren't hosted in China (any ISP in the USA or another Western country would have taken the site offline within 6-8 hours), appears to be gaining steam. A coalition of humorous and fed-up folks set up a gag site about it. I won't ruin it for you; you can check it out at didyouseewhattheysaid.com. I will say this: I got a chuckle out of it.
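As an added example (not part of the original post or its video), here is a small Python checker for the kind of link the post warns about. It pulls URLs out of a DM and flags hosts that merely contain or resemble the Twitter brand (e.g. the brand as a subdomain of some other registered domain, or a one-letter misspelling), credentials placed before an "@" to hide the real host, raw IP addresses, punycode hosts, and plain-HTTP login links. The allowlist of legitimate domains, the sample DM text and every URL in it are constructed for illustration; the actual phishing URL from the post is not reproduced.

```python
"""Classify links found in a Twitter DM as legitimate, look-alike, or otherwise.

Added example, not code from the original post. LEGIT_DOMAINS, BRAND and the
sample DM are assumptions made for illustration only.
"""
import re
from urllib.parse import urlsplit

# Domains a user should expect a real Twitter login to live on (assumption).
LEGIT_DOMAINS = {"twitter.com", "t.co"}
BRAND = "twitter"
URL_RE = re.compile(r"https?://[^\s<>\"']+")

# Constructed sample DM, modelled on the wording reported in the comments.
SAMPLE_DM = ("You seen what this person is saying about you? "
             "https://twitter.com.verify-login.example/login")


def _edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one- or two-character misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def _registered_domain(host: str) -> str:
    """Naive eTLD+1: the last two labels of the hostname (assumption: no
    multi-label public suffixes such as co.uk in the allowlist)."""
    return ".".join(host.split(".")[-2:])


def link_verdict(url: str) -> str:
    """Return a short verdict string for one URL.

    Order matters: the cheap, unambiguous tricks are tested first, then the
    allowlist, then brand look-alikes; anything else is just a third-party link.
    """
    try:
        parts = urlsplit(url)
    except ValueError:
        return "malformed"
    host = parts.hostname
    if parts.scheme not in ("http", "https") or not host:
        return "malformed"
    host = host.rstrip(".")
    # https://twitter.com@evil.example/ puts the brand in the userinfo part;
    # the browser actually connects to evil.example.
    if parts.username is not None:
        return "userinfo-trick"
    if ":" in host or host.replace(".", "").isdigit():
        return "ip-literal"
    if _registered_domain(host) in LEGIT_DOMAINS:
        return "ok" if parts.scheme == "https" else "http-not-https"
    labels = host.split(".")
    # Internationalised labels can render as the brand while being a different host.
    if any(label.startswith("xn--") for label in labels):
        return "punycode-host"
    # Brand name used as a subdomain of another domain, or a near-misspelling.
    for label in labels[:-1]:
        if BRAND in label or _edit_distance(label, BRAND) <= 2:
            return "lookalike-host"
    return "third-party"


def scan_message(text: str) -> list:
    """Extract every URL in a message and pair it with its verdict."""
    return [(url, link_verdict(url)) for url in URL_RE.findall(text)]


if __name__ == "__main__":
    for url, verdict in scan_message(SAMPLE_DM):
        print(f"{verdict:15} {url}")
```

A "lookalike-host" or "userinfo-trick" verdict on a DM link is exactly the situation the post describes: the page the link opens may look like Twitter, but the browser is talking to someone else's server, and any password typed there goes to them.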
Thanks for this Joe. I informed someone that I was receiving DMs that clearly would not have been sent by that person, so I deleted. And why would anyone click on a link that ostensibly says "You seen what this person is saying about you?" On the basis of grammar alone I wouldn't open it, haha! Thanks for the heads up. Cheers! Kaarina
I got your message and have changed my password. Thx Joe, for letting me know that my password had been compromised.
@FocusedWords Thanks for letting me know. Had your password been changed or were you able to go in and change it on your own using your old password? It will help identify the level of sophistication. Glad to hear you’re back in full control!
@KDillabough I think the nature of the links affects different facets of the population. We do all need to be diligent!
I was able to log in and change my password without any problem. Unfortunately I am receiving tweets from my followers that indicate they were hacked also.
@FocusedWords did they visit the phishing site and enter in their credentials? Perhaps there is another way this is getting around. Do you know when you were infected/phished? Did you ever enter your password into the site (pictured in the article above) the fake one that looks like Twitter?
I suspect that they got the password in a different way. I recently received a message on my smartphone that it was unable to connect to my Twitter account. Foolishly, I clicked on the link and reentered the password. This is the only way I can figure that they were able to get the password. The message did mimic Twitter’s look but not the one above.
@FocusedWords ok, this is exactly what I observed that is demonstrated in the video. I didn’t consider how much more convincing it might appear on a smartphone. Sounds like I need to do a follow-up or update this one. Thank you for continuing to assist me with understanding how this works.
Glad to help.
oh! thanks for informing us about that!
much appreciated
A few clever people launched a website poking fun at this, brightwight, gregproirier, thecoolestcool and dynamichosting, well played.
@2knowmyself Glad you found it useful, thanks for letting me know.
If they are based in China or Russia then you can forget it – nobody can touch them.
@Sonya76 sad but true Sonya!