Following the attack last week, increased levels of direct message phishing and typosquatting have been spotted on Twitter.
According to Websense, a phishing campaign has propagated via Twitter's direct message functionality. It said that while no correlation between the two events could be drawn, there was a marked increase in the number of 'bit.ly' shortened URLs being distributed, specifically related to one account.
It said that statistics from all of the bit.ly URLs analysed indicate that the victims are not confined to any one geographical area and that users are following the links. These lead to phishing websites that attempt to capture user passwords, and are often Twitter typosquatting sites.
It said: “Should you fill in your account credentials, they'll be snaffled by those behind this nefarious scheme and you'll be presented with a fake '404' page not found error before being whisked back to the official Twitter website as if nothing happened.”
Carl Leonard, senior security research manager EMEA at Websense, told SC Magazine that the problem is that a social networking site was under attack and now its users are trying to reset their passwords. “Attackers are using the same mechanisms that have been seen before and it is not ground-breaking, it just happens to correlate with the attack,” he said.
“The attackers are confirming that it is an online presence that they are interested in, here they are using every trick in the book to make an effective attack.”
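A defender-side check for the Twitter typosquatting sites described above, as an added example that is not from the article or from Websense: it classifies link destinations that have already been expanded from their shortened form by comparing each hostname with twitter.com. The sample URLs are constructed, and treating the last two hostname labels as the registrable domain is a simplifying assumption.

```python
from urllib.parse import urlsplit

BRAND = "twitter"        # brand label named in the article
LEGIT = "twitter.com"    # its legitimate registrable domain

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            d = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "ti" typed as "it"
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]

def classify(url, max_distance=2):
    """Return 'legitimate', 'lookalike' or 'unrelated' for an expanded URL."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = host.split(".")
    # Assumption: the last two labels are the registrable domain
    # (no public-suffix list is consulted).
    if ".".join(labels[-2:]) == LEGIT:
        return "legitimate"
    name = labels[-2] if len(labels) > 1 else labels[0]
    if osa_distance(name, BRAND) <= max_distance:
        return "lookalike"   # near-miss spelling, or the brand under another TLD
    if BRAND in labels:
        return "lookalike"   # brand used as a subdomain of another domain
    return "unrelated"

# Constructed sample destinations (reserved .example TLD), not real indicators.
SAMPLES = [
    "https://twitter.com/login",
    "http://twiter.example/login",
    "http://twtiter.example/",
    "http://twitter.com.session.example/",
    "https://news.example/story",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{classify(url):<11} {url}")
```

The distance threshold is a heuristic: raising it catches more misspellings but also flags ordinary words that sit close to the brand name.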