Don’t Get Hacked by This Phish!

Announcements
1

 

It is increasingly common for our social media accounts to get hacked. Scammers have a variety of ways for tricking us into allowing them access and it’s best to stay aware and prevent this from happening to you. It’s no fun to recover a stolen account and the time it takes can provide the crook just enough time to spread the problem to your friends and colleagues.

 

I’ve even worked with a group of local teens whose social network accounts were all hacked, seemingly by the same individual. Currently the matter is in the hands of law enforcement for this constitutes a criminal act. It’s not clear how the hacks occurred, whether the bad guy used software to eavesdrop on their logins, or sent malware to one that spread to the others. As the legal case comes to completion, I hope to find that out.

 

Today, I receive a message in my microblogging account with all the hallmarks of dangerous, account stealing spam. It was from an unknown person with the message: “I saw a real bad blog about you, you seen this?” and then included a link using a shortening service so I couldn’t determine where it might lead. I’ve been through this before so I went online to search the language of the message and confirmed my suspicions: dangerous account stealing spam. If you click the link in the message it takes you to a webpage that looks just like the authentic microblogging service’s login page

 

If you enter your username and password, the crook now “owns” your account. And can send this message out to all your followers, friends and colleagues in your name, thus furthering the spread. When I checked the people who’d been hit, I saw messages from the entire globe: in English, Japanese, Arabic and Portuguese.

 

Here’s what the page looks like:

phishing site.jpg

 

 

 

 

 

 

 

 

 

 

 

 

 

This screenshot shows Norton’s Site Safety feature warning ‘Caution’, just one great reason to use the Norton Safe Web toolbar(or the Safe Web feature in Norton security software). This is a phishing attack. The domain in question can be seen as ‘twittelr.com’. The domain was only registered a couple of weeks ago. Formore information on how you can avoid having your account hacked:

https://support.twitter.com/articles/76036-safety-keeping-your-account-secure.

 

 

Use the services available from Norton or other security vendors, as well as your own good sense, to avoid falling for phishing attacks!