There is a Twitter phishing scam going around that is being delivered in Twitter direct messages. The text of the message says “Hey somebody is posting really bad rumors about you.” and contains a shortened URL that, when clicked, takes you to a website that displays the following web page.
The webpage resembles a Twitter login page and is trying to obtain your Twitter login credentials. Aside from the fact that the page does not have a typical Twitter background, note that the expanded URL – shown in the red circle – contains the characters twtter, which looks just like “twitter” but is missing the “i”.
Shortened URLs are one of the main security weaknesses of Twitter. They make it easier to keep tweets containing URLs under the 140-character limit, but they also mask the original URLs so you can’t tell whether or not they are bogus.
Avoid being fooled by this scam by taking these precautions:
- If you navigate to a web page like the one I’ve included here, do not enter your Twitter login credentials.
- Check the expanded URLs behind the shortened links you click on and make sure that what appear to be normal company names in them are not missing characters, like twtter, facbook, etc.
- Check any web pages that you accidentally browse to and make sure they belong to the companies they claim to represent.
- Use the Browser Toolbar that comes with Trend Micro™ Titanium™ Maximum Security. This tool rates URLs in your Twitter feeds indicating whether the shortened URLs point to legitimate or malicious sites.
- Watch out for scams that are sent in direct Twitter messages like this one and make sure you follow tips 1 – 3 when you click on links contained in these messages.
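
The missing-character check from the tips above can be automated once a shortened link has been expanded. The sketch below is an added example, not part of the original post or any Trend Micro tool; the brand allow-list, the function names and the `.example` sample hosts are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed allow-list: brand name -> domains that really belong to it.
BRANDS = {
    "twitter": {"twitter.com", "t.co"},
    "facebook": {"facebook.com", "fb.com"},
}

def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_expanded_url(url):
    """Return (brand, token, reason) findings for an already-expanded URL."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    labels = host.split(".")
    # Simplification: treat the last two labels as the registered domain.
    registered = ".".join(labels[-2:])
    findings = []
    for brand, legit in BRANDS.items():
        if registered in legit:
            continue  # the link really points at this brand
        for token in (t for label in labels for t in label.split("-")):
            distance = edit_distance(token, brand)
            if distance == 0:
                findings.append((brand, token, "brand name on unrelated domain"))
            elif distance == 1:
                findings.append((brand, token, "one character off the brand name"))
    return findings

if __name__ == "__main__":
    # Constructed sample URLs; .example hosts are placeholders.
    for sample in ("https://twitter.com/login",
                   "http://twtter.example/login",
                   "http://login.facbook.example/",
                   "http://twitter.com.signin.example/"):
        print(sample, "->", check_expanded_url(sample) or "no lookalike found")
```

A distance of one catches a single dropped, added or swapped-out character such as twtter or facbook; it does not replace checking that the page itself belongs to the company.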