Chris Pirillo pointed out a Twitter Phishing Scam that is spreading pretty fast in the tweetosphere.
Its nothing but an old phishing trick – You will probably get a DM that says “Check this cool website…” along with a link. Now when you click that the link redirects to this website: http://twitter.access-logins.com/login/. (Please Don’t click!).
And as usual, the page is a dot-to-dot copy of the twitter homepage apart from the fact that when you will give away your Twitter credentials, instead of sending them to the twitter’s authorization server – it will simply record down your password and use it later to do ‘evil’ things. (E.g. Send out spam to all your followers, send mass advertisements etc.)
How to Protect Yourself From Such Phishing Attack?
- Never give out your credentials on a unknown website. When you are writing your password, keep an eye at the address bar. Make sure the domain is “Twitter.com” in the end and nothing else!
- Only follow links from people that you trust.
- Don’t follow unnecessary people. Twitter is a very useful service, but it loses its usefulness if you start following back every single one who follows you.
- Always use the latest browser version. For instance, I’m using the latest Firefox & Chrome
- Try to keep your browser security tight! For instance, I couldn’t even go to that phishing site because firefox won’t let me! It shows a big warning notice — “Reported Web Forgery”.
Firefox has this option pre-enabled on install. You can manually enable it from Tools>Options>Security Tab and Check the box – “Tell me if the site I’m visiting is a suspected forgery”
Share this with your friends and other twitter user! Follow me on Twitter to stay up-to-date with all the latest news.