Phishers are once again on the prowl for unsuspecting Twitter users, tempting their prey with the promise of pictures of Osama Bin Laden.
Pictures of Osama Bin Laden [LINK]
Some of the accounts had earlier posted a similar message (complete with some rather sloppy spelling):
Pics of Osama Bin Laden Are Finally Released! [LINK] ::wanring very gorry::
Clicking on the links takes you to what appears to be the normal Twitter login page.
Would you enter your username and password at this point?
Take a close look at the URL before you make that decision.
Hopefully you notice that it's not the real Twitter URL - it's a phishing site set up to steal your username and password.
If you make the mistake of entering your username and password then you will handing over the keys to your account to phishers, who would then be able to use your account to read your private messages, send messages (perhaps spam-related or containing malicious links) to your followers.
Worst of all, if you're one of those people who uses the same password as you use elsewhere on the internet - you've now told the cybercriminals how to access, for example, your Gmail, Hotmail or PayPal accounts as well.
If you found your Twitter account was one of those sending out the phishing messages, or if you made the mistake of entering your username and password, then you must change your password as soon as possible.
Not just on Twitter, but also make sure you're not using the same password anywhere else on the net. You have to consider that password is now compromised.
There's some other house-cleaning you should do on your Twitter account too. Visit the Applications tab in "Account Settings", and revoke access for any third-party application that you don't recognise.
Follow me on Twitter at @gcluley if you want to keep up-to-speed with the latest threats, and learn how to protect yourself.Follow @NakedSecurity