Network Security & Hardware - eWeek


Battery 500 Project Charged Up over All-Electric Cars
Charting the Final Frontier--Google Maps for Indoors
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Twitter Phishing Scam Takes New Turn with Promises of iPhone



 By: Brian Prince
2009-01-05
Article Rating:starstarstarstarstar / 2


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
A phishing campaign targeting Twitter has morphed, according to researchers at Sophos. Phishers are now using accounts compromised in the initial campaign launched over the weekend to snare Twitter users lured by the promise of an iPhone.

Phishers are hooking more and more Twitter users in campaigns to steal their account data, according to security researchers.

The initial phishing attack reported over the weekend has expanded, with spammers now using compromised accounts to initiate a new campaign that capitalizes on the popularity of the Apple iPhone.

According to Sophos, the latest barrage of phishing e-mails contains messages like this: "hey. i won an iphone! come see how here." Others read: "Wanna win the new iPhone? Its so easy and cool, I love this thing! Visit: [url removed]."

Resource Library:

Graham Cluley, senior technology consultant at Sophos, speculated in a blog post that spammers are earning a commission via affiliate links by directing traffic to these Web sites.

A compromised Twitter account can be abused just like a compromised botnet PC, Cluley said in an interview with eWEEK. It can be exploited by hackers to launch further spam campaigns, or to spread malware or to attempt identity theft.

A warning about the initial campaign was posted Saturday on the Twitter blog. That attack worked by sending out e-mails that resembled notifications from Twitter about Direct Messages. According to Twitter, a typical e-mail in this attack reads: "hey! check out this funny blog about you ..." and provides a link to a phony Twitter log-in page.

While the damage of losing Twitter credentials may seem minimal at first glance, as the recent campaign shows, the potential exists for the information to be used for social engineering purposes in a broad range of cyber-scams. In addition, Cluley pointed out that many people use the same password for every Web site they access.

That means that if hackers now have your Twitter details, they can also perhaps log in to your Gmail, eBay, PayPal, Amazon, Hotmail and other online accounts and create a greater impact on your identity and wallet, he said.

Twitter advises users to immediately reset their passwords if they have been victimized by the scheme.

 






  Reader Comments: Twitter Phishing Scam Takes New Turn With Promises of iPhone
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Brian Prince
 


xks8(y\=;N1ŋ#dKk)$V(8H-I?|yO7^t%xؖht7F(II56%SEC"IՃ~xC(~`Rɨ IJFڶ? }~mkT2uez>;|9|ALTadB$hwtL|ϨTS_Fܨ[*`&`1Z4tRl!۷#: rWӺ'~i%#@IR(u)pg'䯊mm$oQX}:[R=2tS[BTu䕥XI,B(FDcf?9CvNUr|kw0Ni3[_w@Sա*"U{a%hυ /L1r&b,ֽ;F&lwf3DFLd H.JAt:s z08bqj9jfO-=K;O=k\w=jP?bARxư!$ne$DJHn:u8SyxKӇؖc`1$ס"OMmm_Ok|uns5=d#t: +?;VN=?!&A,rJrXR3~wd[Zsd6w.~|o!}Ow| nr!粮77W$̚aM|IpL2Tch^ԩ!5ǯlhV=>>歱J'+҄& 9B:A`ܺd΁R49Vɠ8蟉$Wm4@r5)6B̄H )7??oz@@ZR~V()USEI7#DD v23~B(*pHq> 2v4WpO}ಚypvYo͉&]XZu%jZmVE?i^wθzѨ?4wj xXnvZM( h\w7R86Ri^TU Gg'&-d`q86ayƔIG?~L>NR'}:;SjZie;Ni(|I8hƋCr^YnL,rӇ4!Lj wGlhnx:,,Abχ&a`M?dc0CGE 6 &>v\P|2Z9<L&0`D6wKPbLGTM}PAX\7 >)3P_)nвc@+WMPÃ"`"+42[!zC2{ݡX3yew{GRgaC8F2b3k%ӇnS/|KĝR48'')NasW|]ӨڑIlXkmo?JխE[1(۵a]ik#;?7Bjªyk<1F񵖶`9H]`86 *fˣ(u6LF%?Io2jwA 5s7SejpdҶ<: N5X<>kp6X"@@7w_Mi&a+̲Qy=^:z ȃ`#r;6O]\=<fM\?&BXt+@ZS]Wѹq aKm6CZ m˙@0[@6*\XCmç c"Dk꺟+* `k~SiVs{䆻!`Pcf:uV*wNKT+;pwNQ xXb ֚p성 .c"}=% F:7a/S" @-4hÀlC9)& S\,a\FLk ZCbP$ܔh@.& i?aE"'1ڣs!a*+ Z\흧 ITʥЊZ(Rss?;2:EƟQ:9pG#~yMfo٩1J3wY9[Jv\r/y >{VN0aE>yL V<|˰"Ut%Ǥ_b+ģCYV MU~tV8wV|,@? v:"hCxZ &`i@%p LM{|nN K~=hy֩,3UC-~.ÿ|RYEGvoqm(Dkp*?FES؇Qam/+R:.Tڞ7^ߜ}hDA`! Н;#ؐCKA3)Wn!q+?:ȡ7gmE{H^ac7U[@oF)uWu4 "|EIpR|=Yι~7u=[`%g\U[h{9^@HpaGi>Wݳ)sM8^&&ʢ*]W5+ƗɘBÜbk>t8YTOgw|\(eoQ:\ -Уg'~w\Ucү|e2,tn1Sa%[x[2|'@dѪ93NQƛga3q1mٝNC7E$9PܘG[HNoBOH_~ǍpkǭN9:@"#f.s_wf=]~oLgڹ4>ʀ>hG2gd^hVz\ u}cLBئOlGe7M"32p7n-拥"~2s٩X y9O .o6=ITPGQ>8{Ic#&ahxkc}Z<rRzϢ vt[ 2B0q܇Ц#p}/O&PFzM9q4I#⩬yF0.Ɨ!skgO̦:zf36{%]Mk:[y*1n'vf=FknIG:aޯT)wOL+KZ$|p`F􀯢u2qzhwQ{{[7}ófA"S[^%͇R1iymP*fNr 0i[ } ( bZ8"GYd^|eŢRn8M3A$DBs9ǣ۷BlpH75),8{Je$[ yr2(jP 8fX&1W劬ּ g@48&oZY9|{?"}QL pفbß91V̶Rfo௢z4M}Z|LWi_wu7:ĻѼGra෵%< 8EjvꍟOHMc.5۵?pȾYM$(Xޞ.ƸCO^LE*^fRކZ~hy+ 8dGWκ~-k7͎yսNIiHIcxxLS{Rռ윰(d0 sjn³OM1[p[&IyD=S75C2ҝa7쐶Cto,ruXKr!j,r9Aϐa(nN&l^WX* 5 ̄o IeKe:=> 5 IGԛVst{Ygpmuk}h!6`!NU HU*-i)4v'u3xVowoj) 5kO EGoJN^K#tV/ӷoHW蘧[4~ پP=8Y,rh%縭vRt[GNlp j=hyAdy/pQZiTS8L,ӤN)fTxS#OqFZ9l÷ՊFgroQ:C2v7-*A%sK<L>?Fvdc: M"IVU-UdU)IdC%?8{tH4`@L6CGځ;-3(m3{F޸_2{K7k<|{ U,㛟tϯ2i8~JMÕi吕D)K"vًKqǛV*qQ"{ GHڣCzxt`"D:*pctOyӨO6;xho2:GBf!EV֧A-Zl2d]ns}7Ӄ*yX>KÆ`'#1 ek<:>=r>p5xn!Ye\̊++O>,ETY~;? \]N瘘OﲅڭL50֙S˧է" DNC1rv}ŔSIaK~ oy1֕k/ȥ[6;a|9xY1a%|C'ubBQҘ"5G3"uGXwĩYױӃ4tSAZlsWjf  Uɬ1Rq[Iڛё;S + 1y1LIoro<83 Ǎ[46,ʰ#_R]o!ҚiYqBN k/$ 􉘦OmƆ\VpH3+Yƻ(O%x h;c*$+= 7&TA*|$՗t_dn-Eq !⊃(VtR{!5MŠqQ- T'Q#L+Ӿ:'WQ`T7?ߤ6ϋ9}}NݣSU[e]e3X¬R+cǝ'rf`ز^UCB0ai9QscHPb? T}cGFy1/KFlo29{o!u@Ʈ?{Ǘp鲜<Gbx|xRE0 h@_ݑc)Hѧ w5딤 "D]Kg,L!,z=TZ= S}k;V[NYoHY`߬V$Md{e+Y:8Pu A{pp z8[,$T}6yx8=Bܑ$^/ۉ@x-9GG鱅#Au;2ʋ;m]s.a=23+ ݠC׽Scwv-5r=f&"RImYqA$Ma$Ft+f+Y}?Zd|!U_ΎMZ~|:#k+T}oӶhUZ ǵqR颾;wqLʐ IT#U f_ !-!@u1~;K8DtcwD'ؕƆ3h!'=}ZO1U} \YܗC Н7{7~}b2Gm%т|'qul +2nlELt$%Fc+)اw?إ]j}{Hc9QED=g>U gs\YQG|UH׺8&]Hx _rE5ũ+l:%)H"l6:5ί ~G))Z}iGiYpg(umޘQSRYd;';=h5 !\qƏ3U _󗯾\K{E̙G͸Ge^Lm'I!N刋߰X њ#Ћ-TaNr DVRx_cv`6 \m>ěՌ&4`"iH9G es7>kE_A-/g˪=›̞ceHyBoq'Zb Vza @a}$oO,S T;g9ZfSx10; oC?PǸ210kG=ɚP8ab7bRshSv g> Qyo[=yĎ;Xo<|S#U+M\>4]>}A6ژ]UhKґ!innK"bzggؽv" +YeW `[ Zx%50|> ɻ]RW P56umlNj[*!KpB&8"^;.2XC7ag(4w_pwr<'vQ]Q f6U9M,iw_mL\աuOܪχ\oXVrS_wۘm#!^-Ƙs$vO5퇛NO9Vrx I줰Ð`9ܬDF6HxDɹ~1&F=!bqBtb„ #JلR7? @G&_+(. 9P-xDB]~z$|>"k&(?p E bBmGi6%A|6ľI~oL@eU wTZPXP_eKL)!Ka2_0x) &.X`3֙;jBjگJ޼ѧӠ0YNj&pjAKg֝Q!ɖ\(Gb8P#:<&,]jQ{!ip'_?>& .ycI 89yN4x!yayFg$H]ǰX{S0(-ŌJY-)IhR|:Pr|Έ.|!IU*7)& zR,'DW0Meɩ+Է .~c1dS]ń^M rTk׭{Cj g5c}Zlkn{s֭>^hv7N?Su|lol2_T 3']V f)TjSg̵,% ^+^k-K"飱:/՝œ(o[PJTٍ51ͩ_3MoLm;mNmз iЧ o N6g;?QF;)|O)WP~R(GJy)0tRI.M _):?onROP_SJ+}J'ߧBmZ9m B)ݦ_ryk)rVƅ)YJy!S=KBE%rXBu.Rʏrnm`Y*8#Aq̞^M\.3Vr쓭/>Aŷ)pF F^ᑜ5I1~Q߅j LP髡f:pÕ `N`- l>yM˫%KR1s fGDDãjAUUEVro VT D`q9#TxKB4|O3DKCuSr1E>J1SJ!@_>63Ն<>C/qo5B{Po"?ܮ@c d߻G H}jar1x u0m] xzY\.23VMեrI  rm%͂XC-['lybb)m+Մw2$aH- ;d" 9>t (];{>:4xp;4X?n pO1Q>`^z~Ҹu-N߁A~e ϰgVÄm&Ĵ'dG;[z`L$֚lAŊvSt&aсYoF<3Σoޟ0Vlu[ OO,~崜n-_.HӳN7m(b5}#q-ynN?xR H~2{=!u70ƚ e)`X8ݏN_L& $μ)/ˌq?Ih"v 6 K%*ܲW;='fs(%^?K+_{l y"DGQޗ$ѓ}թ''SrpS.6i`W_GFbW+&ݠKA1^Hu!A]=vw[?/'R`1<܋ϑ{̾ ^f'3slRɤ{c epCikZk 0Dq[ XtWqTr`(`xph{`F c:p2 19-O)xI1%h3l䣈mAb?ڵ-caG?ܝ-X)O"^tLzU\Z^cd,gkV"K0G.=  L\H0qmrv# a+cPOb~af- c2v49.@Lʧ$NS?X|:W.r6ƕy_"m8Yo?8MAe~oByZ|C*'ꙺU]N7z/>!:,FRS#ډF`֍;^zV;pyةKaEeiAђu72!ջe} _'ȕ/2F#-<#@5̊R"<& #iQg8&r&J醀wD^8%̎mJPU&s)#+Mmn쭕4>!z0oǽlҜ Вi5[ Po