
Avoid the Twitter Direct Message DM Phishing Attack – Don’t Click or Enter Passwords

February 20, 2010

Twitter is experiencing a Direct Message phishing attack: people are falling for fake Direct Messages that carry innocuous-looking text such as “LOL – is this you?” or “LOL – This is funny” and a link to a fake site. The links point to equally innocuous-looking web sites, with a query string appended which is the real link. As you can see from the email image below, the link, although it looks like Twitter, is actually a site called “BZPharma.net”.

[Image: Twitter Direct Message phishing email]

If you’re using high security settings in your browser with phishing warnings in place, like you see below in the Safari browser – heed the warning and close the window.

[Image: bzpharma.net phishing direct message scam on Twitter]

It’s a bit disconcerting that people are so quick to believe that the direct messages they get are real. If phishing happens to you and you’ve entered your password, it’s imperative that you immediately return to your Twitter account by typing the address into the browser address bar, so that you know where you’ve navigated to, and then change your password.

If you find that your account is sending these DMs, your account has been compromised and you need to stop the messages from going out by changing your password quickly.
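
One way to check where a link in a DM really goes, as an added example that is not part of the original post: parse the URL and compare its actual host against twitter.com, instead of looking for the word “Twitter” somewhere in the link. The sample links, the function names and the `TRUSTED_DOMAINS` list are constructed for illustration.

```javascript
// Domains accepted as Twitter for this check (an assumption of the example).
const TRUSTED_DOMAINS = ["twitter.com"];

// Return the host the browser would actually connect to, or null if the
// link is not a parsable http(s) URL.
function realHost(link) {
  try {
    const url = new URL(link);
    if (url.protocol !== "http:" && url.protocol !== "https:") return null;
    return url.hostname.toLowerCase().replace(/\.$/, ""); // drop trailing dot
  } catch {
    return null;
  }
}

// True only when the host is a trusted domain or a subdomain of one.
// The leading "." stops "nottwitter.com" from matching "twitter.com".
function isTrustedHost(host) {
  return host !== null &&
    TRUSTED_DOMAINS.some((d) => host === d || host.endsWith("." + d));
}

// Classify a link: a link that mentions Twitter but resolves to another
// host is the pattern described in the post.
function checkLink(link) {
  const host = realHost(link);
  const trusted = isTrustedHost(host);
  const mentionsTwitter = /twitter/i.test(link);
  const verdict = trusted ? "ok" : mentionsTwitter ? "lookalike" : "other site";
  return { link, host, trusted, verdict };
}

// Constructed sample links (not taken from the original post).
const SAMPLES = [
  "https://twitter.com/login",
  "http://mobile.twitter.com/session/new",
  "http://bzpharma.net/?twitter.com/login", // Twitter only in the query string
  "http://twitter.com.bzpharma.net/login",  // Twitter only as a subdomain label
  "http://nottwitter.com/",
];

for (const r of SAMPLES.map(checkLink)) {
  console.log(`${r.verdict.padEnd(10)} host=${r.host}  ${r.link}`);
}
```

Only the first two samples are reported as `ok`; the rest contain the word “twitter” but resolve to a different host.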
