Pictures of Osama Bin Laden phishing attack hits Twitter users

Filed Under: Featured, Phishing, Social networks, Spam, Twitter

Phishers are once again on the prowl for unsuspecting Twitter users, tempting their prey with the promise of pictures of Osama Bin Laden.

Pictures of Osama Bin Laden

Pictures of Osama Bin Laden [LINK]

Some of the accounts had earlier posted a similar message (complete with some rather sloppy spelling):

Pics of Osama Bin Laden Are Finally Released! [LINK] ::wanring very gorry::

Clicking on the links takes you to what appears to be the normal Twitter login page.

Fake Twitter login page

Would you enter your username and password at this point?

Take a close look at the URL before you make that decision.

Pictures of Osama Bin Laden phishing url

Hopefully you notice that it's not the real Twitter URL - it's a phishing site set up to steal your username and password.

If you make the mistake of entering your username and password then you will handing over the keys to your account to phishers, who would then be able to use your account to read your private messages, send messages (perhaps spam-related or containing malicious links) to your followers.

Worst of all, if you're one of those people who uses the same password as you use elsewhere on the internet - you've now told the cybercriminals how to access, for example, your Gmail, Hotmail or PayPal accounts as well.

If you found your Twitter account was one of those sending out the phishing messages, or if you made the mistake of entering your username and password, then you must change your password as soon as possible.

Not just on Twitter, but also make sure you're not using the same password anywhere else on the net. You have to consider that password is now compromised.

There's some other house-cleaning you should do on your Twitter account too. Visit the Applications tab in "Account Settings", and revoke access for any third-party application that you don't recognise.

Follow me on Twitter at @gcluley if you want to keep up-to-speed with the latest threats, and learn how to protect yourself.

, , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.