Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Security experts are warning Twitter users of yet another phishing attack, aimed at stealing the usernames and passwords of those signed up to the site. The malicious tweets in question take the form of a message such as “LOL. this is me??” or “LOL, this is funny?” followed by a link including the term “bzpharma.net”, which leads to a fake user log in page.If users then enter their credentials on this fake site, they are then shown a fake Twitter “fail whale” before being taken back to the real Twitter main page, so they may not realise their credentials have been compromised, warned Sophos senior technology consultant, Graham Cluley.Although Twitter staff are warning that the phishing messages are being sent by direct message only, however, Cluley warned that they are also being posted in public fields.“It appears what is happening is that the messages are being shared more widely because of third-party services like GroupTweet which extend the standard Twitter direct message (DM) functionality and allow private messages to be sent to multiple users *and* optionally made public,” Cluley wrote.“As a result we have found Twitter accounts that have warned their followers about the phishing attack, only to subsequently fall victim to it themselves.” Cluley advised any users tricked into handing over their credentials to change their username and password immediately.Sophos’ latest annual threat report found a whopping 70 per cent rise in the number of spam and malware attacks taking place on social networking sites over the past year.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.