Sunday 11 March 2012

The third time it's enemy action (Twitter Phishing attacks)

Scots Trad Singer @BarbaraDymock has had her Twitter account hacked more than once recently, and I'm reminded of what Goldfinger said to James Bond: "Once is happenstance, twice is coincidence. The third time it's enemy action".

Then I received a notification on my mobile phone, purportedly coming from @BarbaraDymock and directing me to a web page at "iitvvitter dot com". The page was a forgery of a real Twitter page, and it read "Your session has timed out, please re-login".

That is a phishing attack. The forged page includes Username and Password fields, and of course a Sign-in button which would forward those details to persons unknown.

The enemy perpetrating this attack relies on the fact that the mis-spelling of "Twitter" as "Tvvitter" will not be readily noticed. In small fonts, you almost have to use the cursor to discover that two V's have been substituted for a "W".
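The substitution described above can be checked for mechanically. The following is an added example, not part of the original post: it folds look-alike letter sequences back to the letter they imitate and flags any host name that then contains a brand name without being on the brand's own domain. The folding table, the brand list and all function names are assumptions made for the illustration.

```python
# Constructed folding table (assumption, not exhaustive): sequences that
# read as another letter in small fonts, e.g. two v's for a w.
LOOKALIKES = [("vv", "w"), ("rn", "m"), ("0", "o"), ("1", "l")]

# Brand name -> its genuine registrable domain (assumed for this example).
BRANDS = {"twitter": "twitter.com"}


def normalise(host):
    """Lower-case a host name and undo the 'dot' defanging used in reports."""
    return host.lower().replace(" dot ", ".").strip().rstrip(".")


def skeleton(text):
    """Fold every look-alike sequence to the letter it imitates."""
    for fake, real in LOOKALIKES:
        text = text.replace(fake, real)
    return text


def registrable(host):
    """Last two labels of the host. Simplification: ignores multi-part
    public suffixes such as .co.uk."""
    return ".".join(normalise(host).split(".")[-2:])


def imitated_brand(host):
    """Return the brand a host name imitates, or None."""
    if registrable(host) in BRANDS.values():
        return None  # the brand's own domain, or a subdomain of it
    folded = skeleton(normalise(host))
    for brand in BRANDS:
        if skeleton(brand) in folded:
            return brand
    return None


if __name__ == "__main__":
    # Constructed sample input; the first entry is the spelling from the post.
    for host in ["iitvvitter dot com", "twitter.com", "support.twitter.com"]:
        print(host, "->", imitated_brand(host))
```

A match is a prompt for a closer look rather than proof of forgery, since an unrelated name can contain the brand string by chance.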

The best thing to do when presented with "time-out" and "re-login" types of messages is to close the browser window completely, then start again, typing the correct URL into the web address field. This of course applies to any on-line service, not just Twitter.com.

If you think your account has been compromised, immediately change its password and those of any associated programmes and services. Follow the guidance at https://support.twitter.com/groups/33-report-a-violation/topics/122-reporting-violations/articles/31796-my-account-has-been-compromised#