Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Password stealing spam hits Twitter

Sophos : 05 January, 2009  (Technical Article)
Twitter account holders warned not to click links on unsolicited messages after discovery that these links phish for password and username details
IT security and control firm Sophos has warned members of Twitter to be on their guard against an evolving attack which threatens to steal personal information from them.

Thousands of Twitter users are reporting having received direct messages from friends inviting them to visit a website. Sometimes the lure claims that they could win an Apple iPhone, and on other occasions the messages have pretended to point to funny pictures or blog articles about the recipients.

The original messages over the weekend pretended to point to funny pictures or blog articles about the recipients.

However, clicking on the links would take users to a bogus Twitter page which would steal users' login name and passwords.

Writer, TV star and Twitter celebrity Stephen Fry was amongst the people who unwittingly clicked on the link without realising that he was being taken to a potentially dangerous website although it is not believed that his account has been compromised.

Sophos experts note that having hacked into Twitter accounts with information gleaned from the widespread phishing attack, cybercriminals are then using the compromised Twitter identities to pass on spam messages to even more Twitter users.

These new messages are claiming that recipients could win an Apple iPhone if they visit a web link.

'It would be bad enough to hand your Twitter username and password over to a criminal, as they could pose as you online and spread malware and spam to your friends and followers. However, as an alarming 41 percent of internet users foolishly use the same username and password for every website they access, the potential for abuse is even greater,' said Graham Cluley, senior technology consultant at Sophos. 'Twitter users who may have lost control of their accounts need to change their passwords as a matter of priority before more harm is done. Compromised social networking accounts are valuable for hackers as they can use them for a springboard for spam campaigns, identity theft attacks and other online crime.'
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo