Twitter typosquatting site hopes to make money from your cellphone

Filed Under: Mobile, Social networks, Twitter

If you've got clumsy fingers like me, occasionally you probably type the wrong the wrong address for a website.

For instance, today I wanted to visit Twitter but I accidentally typed in

twtter.com

instead.

Clearly this site has no qualms about using a Twitteresque colour scheme, or the familiar silhouette of the Twitter bird (who apparently is officially named "Larry").

The webpage says that I have been especially selected to answer an anonymous questionnaire, and asks a couple of fairly harmless questions - are you male or female? how often do you tweet?

Of course, if you weren't watching closely you might think that this is a genuine Twitter questionnaire, and if you really think you might be in the running for a free iPhone 4 or an exotic holiday you may be all too keen to participate.

Oooh, look.. I could be a winner!

I decided that I'd like to try to win the Apple MacBook Pro and I was asked a question that probably even my Great Aunt Agatha could answer correctly - "can you watch videos on a MacBook Pro?"

And here's the whole point of the exercise. The people behind these webpages want your mobile phone number. If you scroll down and read the small print of the bottom of the page, all is revealed.

Once the service has your mobile phone number it will begin to SMS you multiple choice questions. It will cost you £1.50 to receive each question, and a further £1.50 to answer. If you answer the most questions correctly (up to a maximum of 50 - which will have cost you a rather hefty £150) then you'll be invited to take a tie-breaker.

Only if you're judged to have given the best answer to the tie-breaker (presumably) will you win your prize.

Twtter websiteHmm.. not sounding so attractive now, is it?

And seeing as whoever is promoting this particular competition is raking in money by deliberately pretending to be Twitter by typosquatting their domain name, I personally would be less than keen to participate.

Whoever is behind this campaign is hoping that enough people will (like me) mistype Twitter's URL and bring them lots of traffic.

Always remember to read the small print and have your wits about you when you're offered something that seems too good to be true, and be careful who you give your mobile phone number to online.

, , ,

You might like

9 Responses to Twitter typosquatting site hopes to make money from your cellphone

  1. Krista · 1158 days ago

    If you go to http://www.whois.net, you can look up the information for who is registered to this website. There's even a phone number listed and it shows it is in Colorado.

    • 234r · 1158 days ago

      That whois info is a dead end. Brian Krebs (krebsonsecurity.com) wrote an article for the Washington Post a couple years back that showed how this works. http://voices.washingtonpost.com/securityfix/2008...

      From the article:
      Out of the 15,000 spam-advertised domains we examined, nearly half -- 7,142 names -- were registered through a Broomfield, Colo. company called Dynamic Dolphin. As I noted in my previous story, Dynamic Dolphin is the seventh most-popular registrar among spammers who provide patently false information in their public WHOIS records.

      Dynamic Dolphin is owned by a company called CPA Empire, which in turn is owned by Media Breakaway LLC. The CEO of Media Breakaway is none other than Scott Richter, the once self-avowed "Spam King" who claims to have quit the business. Anti-spam groups also have recently implicated Media Breakaway in the alleged hijacking of more than 65,000 Internet addresses for use in sending e-mail and hosting commercial Web sites.

      There is more good info in the article, but the basic gist is that the info is fake and you aren't going to find out who the real owner is.

  2. fabrocks · 1158 days ago

    The fact that they spell "getaway" as "Get Away" would also raise some red flags for me.

  3. Oliver V · 1158 days ago

    I would have thought Twitter would have bought the domain twtter.com and had it redirect to the correct site.

  4. Steve D, · 1158 days ago

    The same thing is being done at a mis-spelled version of youtube.com. This is the only scam that has ever reeled me in.

  5. Craig · 1158 days ago

    Interesting thought, what would happen if through act of malice a mobile number was entered of a person who didn't know it was being entered? Perhaps somebody in a van cut you off, you get their mobile number and enter into pages like this? Is this piggybacking malware in its infancy?

  6. Dave · 1157 days ago

    First SMS is a validation pin, so you would need the actual phone of a target to do this.

  7. Dave · 1157 days ago

    Of course. I have a number of, er...contacts, who I'd just love to sign up for this.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.