Twitter, the popular microblogging site, has become the latest target of phishers. The company is warning its members to be careful of messages that redirect them to spoofed Twitter sites in an attempt to steal their user names and passwords.
"This particular scam sent out e-mails resembling those you might receive from Twitter if you get e-mail notifications of your Direct Messages. The e-mail says something like, 'hey! check out this funny blog about you ...' and provides a link," the company said.
Twitter went on to explain that the link redirects users to a site masquerading as the Twitter front page. Twitter advised its members to look closely at the URL field to see if it has another domain besides Twitter, but looks exactly like the microblogging home page. That, the company said, indicates a fraud.
If You Get Twicked
E-mail, cell phones, Facebook and now Twitter all have something in common: They are being used by fraudsters for phishing attacks, observed Marian Merritt, Symantec's Internet safety advocate.
"The scam messages, just like the phishing e-mails and Facebook phishing attacks, seem to come from someone you know and appear to be personal," Merritt wrote in the Norton blog.
For members who have clicked the link and given up their Twitter password to the phishers, the company said it is possible for the phisher to send out direct messages on your behalf that could trick your followers. In those cases, Twitter said users should proactively reset the passwords of their accounts.
"If you find yourself unable to log in to your account with your user name and password, please use the reset password link to regain access. This will send an e-mail to the address associated with your account, and you'll be able to create a new password," the company advised.
Will the Real Twitter Please Stand...

More...