Twitter users hit by more phishing and spam attacks

Filed Under: Phishing, Social networks, Spam, Twitter

The phishing campaign which spread over the weekend via Twitter, stealing users account details has evolved into a series of new campaigns.

Many Twitter users are reporting that they have been struck this morning with a barrage of new direct messages such as:

hey. i won an iphone! come see how here [url removed]

and

Wanna win the new iPhone? It's so easy and cool, I love this thing! Visit: [url removed]

Clicking on the links can take users to a website that claims that they might win an Apple iPhone if they hand over their credentials including their cell phone number. It is possible the spammers are earning a commission via affiliate links by directing traffic to these websites.

iPhone winner website

Even Twitter celebrities such as Stephen Fry (perhaps not surprising considering how many followers he has) have reported clicking on links from the earlier phishing campaigns without thinking of the possible consequences.

With typical wit the self-confessed gadget freak Fry admits that another Apple iPhone is the last thing he needs.

Stephen Fry Twitter messages

The good news is that because Twitter celebs like Stephen Fry have so many followers they can help spread warnings to other members of the Twitter community about phishing campaigns very quickly. On the other side of the coin, however, if their accounts were ever compromised the spammers would believe that they have hit the mother lode. After all, a link in a message from someone famous might be very hard for many people to resist..

Twitter is obviously concerned about the phishing and spam problem, and has added a warning on its site.

Warning from Twitter

However, the constant stream of reports suggests that there are still a sizeable number of Twitter users who do not realise that their accounts have been compromised.

, , ,

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.