On mySimon: Pride and Prejudice and Zombies
BNET Business Network:
BNET
TechRepublic
ZDNet

January 4th, 2009

Twitter phishing... inside Twitter

Posted by Adam O'Donnell @ 3:01 pm

Categories: Phishing, Social Networking Applications, Spam and Phishing

Tags: Twitter, Phishing, Cyberthreats, Spam, Viruses And Worms, Security, Spam And Phishing, Adam O'Donnell

Over the weekend I received a handful of reports of individuals using Direct Messages inside of Twitter to phish for Twitter accounts and passwords.

A cluster of compromised Twitter accounts are sending out person-to-person phishing messages inside the Twitter network. These messages and the target website are similar to standard social network phishing messages, except this time they are very very short.

I was alerted to this attack by Mike Murray, a fellow security wonk, as received his first Twitter phish last night:

Hey, i found a website with your pic on it… LOL check it out here [link removed]

As phishers are motivated by economic gain, we need to ask ourselves how is someone going to make money from compromised Twitter accounts? There are a few possibilities that come to mind. A phished webmail account can be used to send out spam, or even be used to extract ransom out of the legitimate account holder. Also, phishers prefer compromised accounts over newly created accounts as they are less likely to trip off anti-spam techniques that use account age as a metric in convicting spammy accounts. I suspect what is going on at Twitter will be no different.

If the phishing continues and a large number of accounts are compromised, I would suspect a knock-on effect of an increase of spam within the Twitter network. As a heavy Twitter user (@adamjodonnell) and someone who works in anti-spam, I would not be too happy with that outcome.

Adam O'DonnellAdam J. O'Donnell, Ph.D. is an R&D engineer who has focused on computer security since 2000. He currently is the Director of Emerging Technologies at Cloudmark, a messaging security company located in San Francisco. See his full profile and disclosure of his industry affiliations.

Email Adam O'Donnell

Subscribe to Zero Day via Email alerts or RSS.

  • Talkback
  • Most Recent of 5 Talkback(s)
Take your iPhone with you...
Take your iPhone (or other suitable phone) with you.
Then you can spend your time twittering about where
you are, instead of watching the twittering birds.

Bob's Rule of Getting Things Done: "Don't Twitter."

That probably should include posting on ZDNet. (grin).... (Read the rest)
Posted by: Bob.Kerns Posted on: 01/05/09 You are currently: a Guest | | Terms of Use
WOT  Christian_<>< | 01/04/09
Take your iPhone with you...  Bob.Kerns | 01/05/09
RE: Twitter phishing... inside Twitter  Rafal.Los (RX8volution) | 01/04/09
RE: Twitter phishing... inside Twitter  jimk_z | 01/05/09
RE: Twitter phishing... inside Twitter  jimgray69 | 01/05/09

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
Learn more about the free, six-month trial offer>>
Learn more about tools to grow your business
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
Save time with the UPS Business Essentials Guide
The more you simplify, the more you save
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
Learn more >>
The best support in the Linux business
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
Learn more >>
Reduce risk. Reduce complexity. Increase reliability.
A simplified IT environment isn't just less complex. It's also more reliable. Standardize on a single Linux platform with SUSE Linux Enterprise from Novell, and get the world's most interoperable Linux
Learn more >>
Keep Up With The Latest In Document Management with The DocuMentor.
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
Learn more >>
advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

Meet Doc

  • Here to help you with your Document Management Needs
  • Doc is an enigma. Born to a Russian ballerina and a German electrical engineer, he grew up in various locations in the United States. He’s seen the insides of more brands, versions, and generations of printer and printer-related hardware than almost anyone.
  • To learn more about this mysterious figure check out his blog on ZDNet and his Workspace on TechRepublic. You’ll be glad you did.
  • Produced by
    ZDNet and