News - Security Issues

Twitter Hit by New Phishing Attack

Phishers are targeting Twitter users in a new attack involving direct messages sent to Twitter users containing a link to a site requesting user log-ins. The attack site requests the user's log-in information; once the attackers have that, they can take over the account of the victim and use it to send out more messages.

“Just like hackers like to comandeer poorly protected PCs to form a botnet from which they can send spam campaigns or spread malware, so they are increasingly interested in doing the same with social networking accounts,” blogged Graham Cluley, senior technology consultant at Sophos. “They know that computer users are more likely to open a message or click on a link sent to them by what appears to be their online friends and colleagues via a social networking site, making it easier to launch financially-motivated attacks.”

Twitter warned users about the attack, stating in a message: "A bit o' phishing going on—if you get a weird direct message, don't click on it and certainly don't give your log-in creds!"