phishing Archive

We reported this past weekend about the Twitter phishing scam that was hitting the circuit hard. This morning we received reports via Tamar Weinberg and Ron Hekier on Twitter of what appears to be a hacked Fox News account.

As you can see from the graphic below, the current tweet message from Fox News reads, "Breaking: Bill O Riley is gay". Was the Fox News account the latest victim of the Twitter phishing scam? Or perhaps it was the work of a disgruntled employee?

The issue here is that while eventually the account in question will be fixed, during the phished period, Fox News looks bad. Perhaps Twitter needs a phone hotline for those affected by the phishing scam?

UPDATE: Looks like more accounts have been hacked: Britney Spears and Rick Sanchez got hit – see photos below.

UPDATE: It appears Twitter staff have removed the offending messages.

I guess we can all say that Twitter has hit the mainstream. This afternoon reports have come in about a phishing scam which uses direct messages to push people to visit a site "access-logins.com" based out of China. The site (as seen below via Chris Pirillo) looks just like the Twitter login page but naturally would grab your login credentials if you entered them into the form.

Twitter has a message on their status blog:

Twitter Engineering and Operations are on the case but if you receive a Direct Message with a blogspot.com link in it that redirects to what seems like Twitter.com do not enter your Twitter credentials. If you look at the URL, you’ll notice that it is not really Twitter but twitter.access-logins.com—a sketchy phishing site.

This is the second time in the last few days of users giving out Twitter passwords either for access to other services or in this case, something much more malicious. Months ago several popular Twitter users weren’t worried about giving out their passwords – I wonder if today’s phishing scam will change that opinion quickly.

The biggest issue here is that while gaining access to a person’s Twitter account won’t unlock anything past Twitter, many users have the same username/password elsewhere online. The phisher could try other social services and even online banking services. This is the part that makes today’s attack scary.