Twitter begins to see phishing campaigns become more prevalent as its popularity rises

Opinion by Dan Raywood

As a dedicated Twitter user I find it slightly distressing that a great tool for conversation, sharing of ideas and story leads has become the target for phishing campaigns.

As a dedicated Twitter user I find it slightly distressing that a great tool for conversation, sharing of ideas and story leads has become the target for phishing campaigns.


This week we reported on two phishing campaigns, detected by Trend Micro and Symantec, where fake Twitter profiles had been created with the intention of posting links to malicious sites.


The 140-character limit imposed in Twitter's creation ensures that malicious links can be disguised very easily, so if your phishing site is, it can be cut down to appear as only a few characters.


Undoubtedly this is a case of cybercriminals not only realising what a rising phenomena Twitter is in terms of social networking, but how to utilise it for criminal purposes. But how surprised should we be really? After all, social networking seems to be the pain of all IT departments, as CEOs pressure them to block access and employees make varying claims for the necessity of using it.


So should we be completely cautious around social networking sites? A friend on my Facebook this week ‘sent' me a message after his account was hacked into. Thankfully a strong knowledge of the sort of language he uses helped me realise that this wasn't the same person messaging me and the link was more than likely malicious.


A report by the Guardian claimed that Twitter had passed both Bebo and LinkedIn in terms of page views, and with media notoriety surrounding it and its users, this can surely only continue. 


The report claimed: “Twitter is still a relative minnow in page views compared to the big two social networks. However, there's a time for everything. There was a time when Digg first passed Slashdot.


“Perhaps the comparisons between Twitter and social networks aren't entirely fair - but then again, since it's a form of real-time messaging and linking and photo-sharing (through services such as Twitpic), it feels (no more than that) like there's something important happening. And the decline of MySpace and Bebo merits some hard questions on their own. Facebook is still on the upward swing: but given that Mark Zuckerberg has ruled out a stock market flotation, what are the options if gravity suddenly reasserts itself.”


This does come down to the age-old problem of awareness among the public users. Those who work in and around the security industry probably know better than to touch most social networking sites with a barge pole, but it is very easy to lure an unsuspecting user into a scam with the promise of cold, hard cash or adult attention.


As for the latest scams to hit Twitter, the phishing campaign detected by Trend Micro saw the typo-squatting site Tvviter set up in order to fool users into entering and disclosing their login details. This then allowed new followers to publicise links to a dating site that ‘made the scammers money in the process through a pay-per-click affiliate scheme', according to Trend Micro senior security advisor Rik Ferguson.


Ferguson also claimed that hundreds of compromised accounts are now being used to post messages directing people towards a second phishing site located in China, where a shortened URL led to a phishing site.


While this article was being written, I was communicating with McAfee Avert Labs, ironically via Twitter, who claimed that they had blocked a phishing site at that used the Twitter front login page. See a screenshot of the site, which Avert Labs claim to have ‘nuked', here.


So with constant attacks unlikely to subside due to the ease and speed of distribution, it will require a keen eye to know which site you are logging into, and perhaps consider bookmarking the Twitter homepage so you can be sure that you are logging into the correct site every day.


Back in March I attended the (ISC)² SecureLondon Conference where Spencer Parker, director of product management at ScanSafe, claimed that the spread of worms and malware on social networking sites had been ‘unbelievable'. He said: “You have got to educate users on social networking, there is no doubt that it is a great tool but do you really need a thousand friends? Do you really need that many? Users need to get out of promiscuous friend adding.”


Maybe this approach should be adopted by the tweeting brigade, with a stern warning to be careful what you click for.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events