Phishers Launch Scam On Twitter Users
Direct messages from "followers" offer links to a drive-by malware site, researchers warn
Security researchers are warning of a new phishing campaign that is being conducted through the popular Twitter microblogging service, leading users to a drive-by malware site.
The attack, which was reported this past weekend by security blogger Chris Pirillo, appears to be a direct message from one of a Twitter user's "followers," or friends. The message offers a link to another site, usually accompanied by a come-on, such as, "I found a Website with your picture on it," or "I just won a new iPhone!"
When victims click on the link, they are taken to a site that "poses to be the regular Twitter login page, but is actually stealing usernames and passwords from the unwary," according to a blog by Graham Cluley, a security researcher at Sophos. Once they've hacked those identities, the attackers then use the information to try to fool other Twitter users as well, Cluley says.
Twitter has posted a warning about the phishing campaign, and the service provider has also begun blocking the known URLs of the fake site.
Read more about:
2009About the Author(s)
You May Also Like
Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024Finding Your Way on the Path to Zero Trust
May 22, 2024Extending Access Management: Securing Access for all Identities, Devices, and Applications
June 4, 2024Assessing Software Supply Chain Risk
June 6, 2024Preventing Attackers From Wandering Through Your Enterprise Infrastructure
June 19, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024