Password Scam Risks on Social Networking Sites

InfoSecurity Europe : 30 March, 2010  (Technical Article)
Lee Barney of Securm explains how a combination of Twitter, Internet Explorer and URL Shortening sites spells danger for many users who need to change their passwords to prevent them from being compromised

This isn't a news flash; I think by now most people know about the Twitter scam that is going around at the moment. If you are reading this then CHANGE YOUR PASSWORD NOW. This goes for your MySpace and Facebook accounts, and even your computer passwords if they are similar (I imagine that they are....).

The scam is quite a simple one: essentially a group of Chinese scammers have set up login pages for popular social networking sites with the aim of collecting passwords. They trick you into following a link using URL shortening services such as (which doesn't allow you to expand the URL like with a message similar to

Of course, because it comes from one of your followers (a genuine, real person) and you are curious, you follow the link. You are then prompted to re-authenticate to Twitter. The page you are asked to authenticate on is actually hosted in China; the one used in the above attack was at a URL which clearly isn't Twitter or MySpace. Of course, if it weren't for the helpful people at Mozilla Firefox, why would you think to look at the URL?

Note that Windows Internet Explorer doesn't pick up on this....

Of course you should, but not many people do... and thus a number of people are attempting to re-authenticate themselves and thereby giving their details away.

So check the DMs you have sent out, check your sent items in your network accounts, and if you see any messages that you don't recognise then CHANGE YOUR PASSWORDS. In fact, CHANGE YOUR PASSWORDS ANYWAY.

Lessons to learn?

As I am always telling anyone who will listen, don't click on links sent to you in whatever form they come, be it DMs or emails, especially if they are from a "trusted" source. Always cut and paste the URL into the address bar and, if it has been shortened, expand it first. Look at the URL before you enter it or attempt to go to it, then STOP. Don't hit enter; take it to a web proxy service and enter it there. View the page there, and only then, if you trust it, visit it.

When it comes to using the internet, be very, very careful. Don't take things at face value and don't click on links.
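The expand-then-inspect habit described above, as an added example that is not part of the original article: it follows a shortened link hop by hop without rendering anything, then checks whether the final page really sits on the host the brand in the URL suggests. The redirect table, the short URLs and the list of expected login hosts are constructed for this example; a live check would issue one HEAD request per hop with redirects disabled and read the Location header.

```python
from urllib.parse import urlparse

# Hosts on which each service legitimately asks for a login. Assumed for this
# example; a real deployment maintains its own list.
EXPECTED_LOGIN_HOSTS = {
    "twitter": {"twitter.com", "www.twitter.com", "mobile.twitter.com"},
    "myspace": {"myspace.com", "www.myspace.com"},
    "facebook": {"facebook.com", "www.facebook.com", "m.facebook.com"},
}

# Constructed stand-in for a URL shortener's redirect table. A live check
# would issue one HEAD request per hop with redirects disabled and read the
# Location header, so nothing from the final page is ever rendered.
SAMPLE_REDIRECTS = {
    "http://short.example/abc": "http://login-twitter.example.cn/twitter/",
    "http://short.example/ok": "http://twitter.com/",
}


def expand(url, redirects, max_hops=10):
    """Return every hop of the redirect chain, starting with the short URL.
    The hop limit stops redirect loops; the caller inspects the last entry.
    """
    chain = [url]
    while url in redirects and len(chain) <= max_hops:
        url = redirects[url]
        chain.append(url)
    return chain


def classify(final_url):
    """Decide whether a URL that looks like a brand's login is really on that host.
    Returns (brand, verdict) with verdict 'genuine', 'lookalike' or 'unknown'.
    urlparse().hostname discards userinfo, so 'http://twitter.com@evil.example/'
    resolves to evil.example and is reported as a lookalike.
    """
    host = (urlparse(final_url).hostname or "").lower()
    for brand, hosts in EXPECTED_LOGIN_HOSTS.items():
        if host in hosts:
            return brand, "genuine"
    for brand in EXPECTED_LOGIN_HOSTS:  # brand name anywhere else in the URL
        if brand in final_url.lower():
            return brand, "lookalike"
    return None, "unknown"


if __name__ == "__main__":
    for short in SAMPLE_REDIRECTS:
        chain = expand(short, SAMPLE_REDIRECTS)
        print(" -> ".join(chain), "=>", classify(chain[-1]))
```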

Network Admins

I know a lot of you out there already know this stuff, but remember that as responsible netizens we should be continuously warning people of these things. A simple password hack like this can lead to a corporate network being compromised just because the user used the same password... If you're a network admin reading this, are you sure that no one in your organisation uses the same password for their corporate VPN access as they do for their Twitter or Facebook account?

On a final note, push out Internet Explorer and bring in Firefox...

Securm are exhibiting at Infosecurity Europe, the No. 1 industry event in Europe, held on 27th - 29th April at Earl's Court, London. The event provides an unrivalled free education programme, with exhibitors showcasing new and emerging technologies and offering practical and professional expertise.