In the world of the web, we know that there seems to be no limit to what clever criminals can come up with to get people to part with personal, sensitive data.
The latest example comes in 140 characters or less – using Twitter messages. Apparently, subscribers are getting person-to-person messages which say: “ROFL this you on here?” A video site is linked, and when victims click on it…you guessed it…they’re sent to a fake Twitter page and asked to enter their log-in information.
When the victim clicks on the link, however, they are sent to automatically message the victim’s contacts with the same direct message.
Twitter warned of the scam, in typical brief style: “A bit o’ phishing going on — if you get a weird direct message, don’t click on it and certainly don’t give your login creds!”
IT managers should warn employees of this latest scam directed at Twitter users, and I’d include the above advice: don’t respond to direct messages (non-Twitter originated), and you should never enter your log-in information on sites generated by those messages.