A wave of Twitter phishing attacks have hit many users over the past couple of days. While there has been a consistent stream of these attacks throughout the course of Twitter’s history, two have managed to spread aggressively and seem to be infiltrating some well established political and media circles in the United Kingdom.
The latest victims according to The Gaurdian are several well known individuals and groups, including the UK’s Press Complaints Commission, BBC’s own Nick Higham, The Guardian’s Matt Wells and Environmental Minister Ed Miliband. Even First Direct, a popular bank, fell victim to the scheme. A seemingly nerve racking thought considering the amount of personal information available. Though it appears the company did assure customers that no personal data was compromised.
Twitter phishing attacks usually appear as tweets or direct messages asking to click a URL and enter credentials which then hacks their accounts and continues the spread to their followers. The two notable phishing attacks have come in the form of “this you??” and “hey, I’ve been having better sex and longer with this here” direct messages which can appear to be personal correspondence from one of your followers. Once the particular shortened URLs are clicked, the user is taking to a Twitter log in page which at first glance appears to be the original. Rather, the page is a copy cat which lures the reader into giving up their log in and password. From there the process continues.
If you’re worried about Twitter phishing scams you can follow Twitter’s official safety account that spotlights what is legit and what is not.