Monday, 2 November 2009

Those DM twitter Spammers

I’m pretty much a newcomer to the social media platforms, but I’ve noticed a recent spate of twitter users (“tweeple”) whose accounts seem to have been hijacked and used by persons unknown to send out tweets in the hacked person’s name. These are sent as direct messages (DMs) to the followers of the hacked account and include a hyperlink to direct you to a particular website.

Once they’ve become aware of it, the owners of the hacked accounts have sent out warnings that the DMs are not from them, and not to open the link. I don’t know if the link genuinely takes you to something interesting, or to a malicious website complete with viral attack software – I’ve been trying not to “fall for it” so haven’t followed the link.

How can your account get hacked? I’m not an IT specialist, nor a “hacker”, so I don’t really know, but I wondered if it was another example of phishing like those which are commonly used to try to get you to reveal online banking passwords - you know, the ones that say they’re the security department of the bank or building society, complete with a copy of their logo / branding, and try to get you to “confirm” your details.

It seems to me that the “new follower” notification from twitter would be a good candidate for a phishing scam. It could work like this:

1. You receive what looks like a new follower email notification, but which is really a cloned copy.
2. You click on any of the hyperlinks (new follower's name or avatar, etc.) and this takes you not to twitter, but to the malicious site.
3. The malicious site then presents a clone of the twitter sign-in panel; if you’re unsuspecting you enter your account name & password – bingo they’ve got you!
4. The hackers can then use your twitter account to send the scam messages from your account to your followers. They use DMs since these are private and don’t appear on your timeline – so you’re less likely to spot that your account has been used.

This may not be how it works (maybe someone could comment to tell me?), but the precaution which I take, as with any other email that has direct hyperlinks, is to be suspicious! If you hover your mouse over the links, your browser will usually show where the link will take you – and if it doesn’t seem right, don’t follow it. For the twitter “new-follower” message I always go to the person’s profile from my twitter home screen, not from the email link, so I can’t be misdirected to a bogus website.
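The "hover over the link and see where it really goes" check, done by a small script instead of by eye, as an added illustration that is not part of the original post. The sample notification HTML and the hostnames in it are made up, and treating twitter.com as the only host a genuine notification should point to is an assumption.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: a genuine "new follower" notification only links to these hosts.
TRUSTED_HOSTS = {"twitter.com", "www.twitter.com"}


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML email body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def looks_like_url(text):
    """Crude test for link text that is itself shown as a web address."""
    return "." in text and " " not in text


def suspicious_links(html, trusted_hosts=TRUSTED_HOSTS):
    """Return (href, text, reason) for links whose real destination is not a
    trusted host, or whose displayed address differs from where they go."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        host = urlparse(href).hostname or ""
        if host not in trusted_hosts:
            findings.append((href, text, f"really goes to {host!r}"))
        elif looks_like_url(text):
            shown = urlparse(text if "://" in text else "http://" + text).hostname
            if shown and shown not in trusted_hosts:
                findings.append((href, text, f"shows {shown!r} but goes to {host!r}"))
    return findings


# Constructed sample of a cloned notification; every name and host is made up.
SAMPLE_EMAIL = """
<p>Jane Gardener is now following you on Twitter!</p>
<a href="http://twitter.com/janegardener">Jane Gardener</a>
<a href="http://twitter.com.example.net/login">http://twitter.com/janegardener</a>
<a href="http://notreally.example/dm?x=1">View your new follower's profile</a>
"""
```

Running `suspicious_links(SAMPLE_EMAIL)` flags the second and third links: one lands on a look-alike host that merely starts with twitter.com, the other on an unrelated host hidden behind friendly text.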

Apologies for straying off my usual garden / design topics, normal service will resume on next post!
