Anatomy of Twitter DM Scam @cmt1
- this is you in the photo album right?
- tell me if this blog is about you?
ORIGINAL BLOG ENTRY:
Earlier today, I received the following Direct Message from Carol Tonhauser (@cmt1). Since I hadn't had a conversation with Carol, I thought it might be an approach to get at my Twitter login/password. But how to get more info?
A quick google search revealed these approaches:
- Untiny.com via http://www.technize.com/reveal-destination-of-tiny-urls/
- URL2It - http://url2it.com/Tools/URL-Decoder.aspx
So, for fun, I copied the address in the original DM in my email:
And, then used Untiny.com to reveal where it pointed....
Notice that the address it extracted is another TinyURL...so, for fun, I pasted that in:
And, that took me to...
So, rather than use my regular browser, I opened another browser window in Incognito mode and here's what popped up...the problem, of course, is with the URL that appears in the window. It's not Twitter, is it?
I guess at this screen, I'm supposed to enter my Twitter login and password it will get my login information. Once it has that, then it will spam someone else.
What to do if you are compromised?
And...this advice is on target:
To protect your Twitter account from being hacked in the future, use a strong password that is difficult to guess...When logging into your Twitter account, ensure you are on Twitter's site before entering any sign-in information. Watch for any suspicious links in your Twitter feed or email, and ensure your computer's security software is up-to-date.Source: Danielle Gream
Finally, hope you have a "happy" ending....