Twitter Targeted Again By Phishing Attack Through Malicious Site TwitterCut

May 27, 2009

Twitter is the next best thing since sliced bread but it continues to be a prime target attacked by scams, phishing, spam and even spread malicious computer infections.

Once again, Twitter users are being tricked into providing their username and password details to a website that originally spammed the users for this information. The offending website is called TwitterCut, which sends out a message that appears to be from a Twitter users friend or follower. The TwitterCut site, at one time, closely resembled the real website allowing users to enter login credentials.

If a user visits this site, via a bogus message, and enters their Twitter account login details, they could be compromised. Sounds like fun getting your Twitter login stolen? Not much fun when the hackers user that information to get a bunch of followers with the intent to spam them. That does not sound very nice does it?

The way that TwitterCut sends messages to followers does not count as spam. It sends them as a "friend" of another user. Also, TwitterCut acts similar to that of a computer Worm infection. Because this tactic acts like a phishing issue, it can be considered to have worm-like characteristics by automating a so-called spamming campaign.

For now Twitter is pushing through a password reset on accounts that they believe have been compromised by the scam. Users are asked to use their best judgment when considering releasing their username and/or password.

Leave a Reply

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 2 + 3 ?