Categories
Computing

Twitter phishing attack via Direct Messages

The F-Secure blog reports on a clever little phishing attack which uses Twitter’s own Direct Message service and URL shortening services.

Unsuspecting users will click the link provided in the message which comes from somebody they know as Direct Messages can only come from people you follow on Twitter. However the message is likely coming from a hijacked account and points to a URL which hosts a phishing page that looks like Twitter and is asking you to sign in.

Once they have your credentials they then send messages to all your contacts and their web of hijacked accounts grows exponentially.

The good news is that Twitter has reacted quickly to this attack and are closing down the avenues of attack.

By Matt Wharton

Matt Wharton is a dad, vlogger and IT Infrastructure Consultant. He was also in a former life a cinema manager.

Blogging here and at mattwharton.co.uk

Watch our family's vlog at YouTube

Follow me on Twitter