Saturday, May 30, 2009

Twitter Credentials Being Stolen

So recently, some Twitter users were offered a link to Twittercut to gain more followers. It appeared to be coming from a known contact, and they promised you to accumulate more and more followers.

It seems that TwitterCut appeared to be the real Twitter login page. A phishing site for sure.

If a person were tricked into entering their login credentials, Twittercut continued to send the same message you got to all of your contacts. At this point, it appears that no malware is being installed on victim's PCs.

For sure, Twittercut has the login credentials to many Twitter accounts. Twittercut has been listed on services that blacklist malicious sites but was still active just a couple of days ago.

This attack takes advantage of the trust that is built on networks like Twitter, as well as FaceBook, MySpace, LinkedIn, and other social networks. Always beware of messages that are unsolicited. My motto is "trust no one".

Stay safe and have a fabulous rest of the weekend.

No comments: