A new phishing scam is spreading through Twitter via direct messages, according to several reports.
Itamar Kestenbaum writes on his JewNews.net blog that he received a direct message on his Twitter account from someone he didn’t know that said ‘rofl this you on here?’ followed by a link to what appeared to be a video-related Twitter page.
The page looks like a legitimate Twitter log-in page but nabs your credentials if you type in your password, he warns.
Meanwhile, a posting on the Mashable blog said the site had received multiple reports of the new phishing scam and that someone there had even received one of the phishing-related direct messages themselves.
No word on this yet on Twitter’s official blog or from a Twitter spokesperson. We’ll keep you posted as we hear more.
In the meantime, if you clicked on the phishing link and typed in your credentials, you should change your password immediately.
Update at 5:30 p.m. PDT: Twitter acknowledged the phishing scam in a tweet on Wednesday that said ‘A bit o’phishing going on–if you get a weird direct message, don’t click on it and certainly don’t give your login creds!’
JewNews.net captured this screenshot of the phishing-related direct message Twitter users are receiving and the fake log in page the link directs to.
Originally posted at InSecurity Complex