Jan 3, 2009

BEWARE: Twitter PHISHING SCAM hits users hard

At 4:52 I received a private message from a follower that read:
hey! check out this funny blog about you... http://jannawalitax.blogspot.com/
I clicked on the link and it redirected to http://twitter.access-logins.com/login/. I am pretty sure that the guy who "sent" it, was already a victim and whomever hijacked his account was the person who sent me the DM.

There's no problem clicking on the link, the problem is in being fooled into thinking you must login to twitter in order to see it. But it's not twitter and so some clever people (or not really that clever) ended up with an unknown number of twitter accounts in which to perpetuate the phony "blog about you" message.

What makes this so insidious is that DM's can only come from your "trusted" network. My belief is that the hackers were going to use this in order to create a SPAM network where they could advertise via DM.

There's not a lot of personal information stored in profiles so it doesn't seem likely that they had anything more sinister in mind.

Update III: Lots of people fell for this and the phisher is using new messages. I have received many since Saturday when I first posted this with this new message:

  • fixed it.. hehe here is that blog i wanted to show you

The perpetrators are apparently from China:

Domain Name      : access-logins.com
PunnyCode        : access-logins.com


Registrant:
  Organization   : zhang xiaohu
  Name           : zhang xiaohu
  Address        : changningzhonghuainanlu192hao
  City           : changning
  Province/State : Hunan
  Country        : CN
  Postal Code    : 421500

Administrative Contact:
  Name           : zhang xiaohu
  Organization   : zhang xiaohu
  Address        : changningzhonghuainanlu192hao
  City           : changning
  Province/State : Hunan
  Country        : CN
  Postal Code    : 421500
  Phone Number   : 86-0734-3211451
  Fax            : 86-0734-3211451
  Email          : zhangxiaohu_0098@126.com

Technical Contact:
  Name           : zhang xiaohu
  Organization   : zhang xiaohu
  Address        : changningzhonghuainanlu192hao
  City           : changning
  Province/State : Hunan
  Country        : CN
  Postal Code    : 421500
  Phone Number   : 86-0734-3211451
  Fax            : 86-0734-3211451
  Email          : zhangxiaohu_0098@126.com

Billing Contact:
  Name           : zhang xiaohu
  Organization   : zhang xiaohu
  Address        : changningzhonghuainanlu192hao
  City           : changning
  Province/State : Hunan
  Country        : CN
  Postal Code    : 421500
  Phone Number   : 86-0734-3211451
  Fax            : 86-0734-3211451
  Email          : zhangxiaohu_0098@126.com

Be careful out there.....

Update: I've pulled the user names. Twitter is on the case.

Update II: I *think* I may have been the first to report this at exactly 17:00. Twitter tweeted about it at 17:19 CDT, added a warning on their homepage linking here

6 comments:

Andrea Hill said...

I had the same thought! :) http://www.afhill.com/blog/social-media/twitter-phishing/

I debated on the list of affected users, however, because I wasn't sure if that would really help or not. If people are aware of the scam in general, specific users are not the concern.

But if you do start to pull a list together, I have quite a few names for you already :)

Rick Fisk said...

Sweet.

Doug from Nullvariable Web Consulting said...

the main domain hosts a facebook phishing page

Chris Depew said...

I think I beat you to it. :) Who really knows. The important thing is we were all watching out.

http://twitter.com/ChrisDepew/status/1094217397

Thanks for looking out for everyone out there as well. The email address is real and the phone number is as well. Twitter was given this information shortly after I tweeted this. Site should be shut down shortly

Rick Fisk said...

Beat you by two hours :)

http://twitter.com/Principled/statuses/1094169845

Rick Fisk said...

http://twitter.com/rfisk/statuses/1094167756