Twitter - Twitter Phishing Scammers Have Busy Week - eWeek Security Watch
Security Watch
SHARE
Facebook X Pinterest WhatsApp

Twitter Phishing Scammers Have Busy Week

Written By
Brian Prince
Brian Prince
Feb 26, 2010
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Phishers targeting Twitter have had a long week.

In the past several days, a series of the scams have hit the microblogging service, snaring among others British energy minister Ed Miliband and House of Commons leader Harriet Harman, whose account was used to send a bogus message to fellow U.K. politician Alan Duncan.

In Miliband’s case at least, his account was used to blast out a message to his followers that looked like this: “hhey, i’ve been having better sex and longer with this here.” The message was followed by a link to a phishing site resembling Twitter’s log-in page.

This is not the only phishing attack to hit Twitter in the past week or so. Sophos observed another that sought to lure users into with this message:

“Lol. this is me?? lol , this is funny. Lol. this you??”

A separate attack simply stated: “This you????” In both cases, yet again, the messages preceeded a link to a mock Twitter log-in page.

While compromising Twitter accounts to send out sexual messages is bad enough, there can be even more at stake when an attacker gets his or her hands on user credentials for sites like Twitter. For one thing, security pros have increasingly uncovered evidence of social networking sites like Facebook and Twitter being used as part of broader attacks, to the point where a compromised Twitter account can go for as much as $1,000 in the cyber-underworld.

In addition, many people tend to use the same password to log in to multiple sites, which means once an attacker has one set of credentials, he or she can potentially use that to get access to a host of other sites, noted Graham Cluley, senior technology consultant at Sophos, in a blog post.

“If Miliband makes that kind of mistake, then he has potentially opened up his e-mail account, his eBay account, his PayPal and Amazon account… basically, his entire online life could be handed over to hackers,” Cluley blogged. “So, learn the lesson for yourself: choose a strong and different password for every Website.”

And be skeptical of the links you receive, especially if they are accompanied by out-of-character Tweets with the word hey misspelled.
Brian Prince
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information