Twitter scam surfaces

Twitter scam surfaces

Tags:    scam   Sophos   Twitter

By Joan Goodchild, CSO (US) | Jun 27, 2011

A scam that has been making its way around Twitter for some time has resurfaced recently and promises to increase a user's followers, but really gives control of one's account to a questionable third party.

The ruse begins by employing some social engineering with a tweet that says "I will follow back if you follow me" and includes a shortened link. The link then takes you to a web site that offers a service which claims it can round up hundreds, even thousands, of new followers on a Twitter account.

According to Sophos' Senior Technology Consultant Graham Cluley there are several versions of the services out there.

"Although the graphics differ, the basic template of the site remains the same -- including options to either pay for a VIP plan or try out a free service that promises hundreds of new followers," Cluley notes in a blog post.

Cluley created a new Twitter account to test out the service through a "free trial." He quickly found the service required his Twitter username and password.

"That should instantly have you running for the hills -- why should a third-party webpage require your Twitter credentials? What are the owners of these web pages planning to do with your username and password? Can they be trusted?" he said.

Cluley also noted in the bottom right hand corner of the site, the service admits it is not endorsed or affiliated with Twitter.

After entering the login details for the test account, Cluley reports he was asked by Twitter to grant the application access to the account, which many unwitting victims often do.

 
 
12 > >>

Similar

Related Articles

Add comment

Post a Comment

The content of this field is kept private and will not be shown publicly.
Verification Code
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
 

Similar

Related Articles

knowledge_central_tab

 
 
Knowledge Central
Testing the Cloud – Definitions, Requirements, and Solutions
The widespread availability of high-speed broadband networks has seen applications and web sites move into the Cloud. This use of a cloud-based infrastructure means there is no local infrastructure to purchase, manage, secure, or upgrade. The virtualized data center, whether within the enterprise or located at a cloud service provider, must be properly provisioned in order to provide the necessary functions and performanceof cloud-based applications.
Integrating the physical and the virtual
It’s not just a question of dealing with a proliferation of virtual machines. With convergence, fewer hardware resources deliver multiple capabilities and host multiple workloads.Monitoring these “anytime-anyplace” workloads creates a resource challenge, as there are a limited number of network access points.
 
 
 
A Case Study of Eurograbber: How 36 Million Euros was Stolen via Malware
This is a case study about a sophisticated, multi-dimensional and targeted attack that stole an estimated 36+ million Euros from more than 30,000 bank customers from multiple banks across Europe.
Symantec, Singapore school partner to nurture next-generation security talents
Symantec Corp. and the Singapore Management University will jointly train and equip IT security professionals with the latest knowledge and skill sets in information security.