Beware of phishing on Twitter and Facebook!

I got a direct message (DM) on Twitter today that read, "Tell me if this blog is about you?". The message text may vary, for example "This gotta be you in this picture?", but the link remains the same. At first glance I could tell it was spam. I had seen such links on Facebook too, so I didn't click on it.

But when I looked at my timeline, I saw many people complaining about such DMs, and this caught my interest. So I decided to take the risk and click on the link. First, I hovered the mouse cursor over the link, but it didn't expand to the original site. That confirmed it was spam [I just wonder why most of them use tinyurl, a URL shortener service]. But I had to take the risk. So I first cleared all my browser cookies to protect the other services I use. Then I copied the link, pasted it into a new tab, and was ready to go.

Now I clicked on that link and it took me to a webpage that looked similar to the Twitter login page [if you use Google Chrome, you will be warned before entering that page! Read my other post about why Google Chrome is the best web browser!]. Everything you see on the Twitter login page was present there, but to my surprise, the address of that webpage was !! Many novice and average internet users really think that it is Twitter, enter their username and password, and click on sign in. If you do that, your Twitter account will be compromised!

When you click the sign-in button, the data you entered is sent to a PHP script, hosted on some unknown server, for processing. That means your username and password are saved by that script and you are redirected to the original Twitter as usual! You never come to know about the password theft! You may get this kind of message from your friends. If you get one, sadly, your friend's account has been compromised. Many of my fellow followers are already victims of this trick. After gaining access to your account, hackers may use it to trick your followers with similar links, or they may lock you out of your account completely!

Most evil hackers use social networking sites to trap users into giving out their credentials. The reason is no surprise: social networking sites are widespread, and even a novice user can use them without any difficulty. So please avoid clicking on any such links and be safe on the web :)
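The two tell-tale signs described in the post (a login page whose address is not Twitter's, and a sign-in form that hands the password to a script on another server) can be checked mechanically. The following is an added example, not part of the original post; the trusted-host list and the `.example` hosts in the sample page are assumptions made up for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Assumption: hosts that legitimately serve the Twitter login form.
TRUSTED_HOSTS = {"twitter.com"}
# Constructed sample of a look-alike page; both hosts are placeholders.
FAKE_URL = "http://twitter.com.login.example/session"
FAKE_HTML = ('<form action="http://collector.example/save.php" method="post">'
             '<input name="user"><input type="password" name="pass"></form>')

def is_trusted(host):  # a trusted domain, or a subdomain of one
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_HOSTS)

class LoginFormFinder(HTMLParser):
    """Records the action URL of every <form> holding a password field."""
    def __init__(self):
        super().__init__()
        self.action = None          # action of the form currently open
        self.password_actions = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.action = attrs.get("action") or ""
        elif tag == "input" and self.action is not None:
            if (attrs.get("type") or "").lower() == "password":
                self.password_actions.append(self.action)

    def handle_endtag(self, tag):
        if tag == "form":
            self.action = None

def check_login_page(page_url, html):
    """Return warnings for a page that asks for a password."""
    finder = LoginFormFinder()
    finder.feed(html)
    if not finder.password_actions:
        return []
    page, warnings = urlsplit(page_url), []
    if not is_trusted(page.hostname):
        warnings.append(f"page host {page.hostname!r} is not trusted")
    if page.scheme != "https":
        warnings.append("password form served without HTTPS")
    for action in finder.password_actions:
        target = urlsplit(urljoin(page_url, action)).hostname
        if not is_trusted(target):
            warnings.append(f"form posts to untrusted host {target!r}")
    return warnings
```

Note that `twitter.com.login.example` is rejected even though it starts with `twitter.com`: only the end of the hostname decides who owns it.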



Anonymous said...

Thank you for this! I got the same DM and pasted the URL into Google search and got your post.

Anonymous said...

Thanks - Google Chrome blocked itiwitter for me but I just wanted to double check
