RSS Alerts

Share

More services

Rick Robinson

Job title:
CTO and vice president, eSoft

Areas of expertise:
Applied cryptography, PKI, identity and access management (authentication, authorization, and auditing), secure data transport, and system hardening and protection

Biography:
Rick Robinson has over ten years of experience in the computer security sector, including development of secure embedded computers, secure remote access, secure networking design, and secure system architecture. Throughout his career, he has regularly worked with Fortune 500 customers, providing security strategy and guidance. Robinson is a recipient of the prestigious Avaya Labs Cup Award and has been named on four USPTO patents in the area of computer security with additional USPTO application submissions in process. He possesses CISSP and ISSAP certifications from (ISC)2. In addition, he is an IEEE Senior Member, Past-Chair of the IEEE-Denver Section, Member of IEEE Security and Privacy Society, Member of the IEEE Computer Society, and Member of the IEEE Critical Infrastructure Protection Committee. Robinson holds BS and MS degrees in electrical engineering from Montana State University with an emphasis in computer engineering, and is completing his Executive MBA from the University of Colorado.

Tag Cloud

hackingWiFicloudComplianceCybercrimeSecurityWiFi SecurityMalware

Bloggers

Blog

Phishing Scams Lure Twitter Users

The newest phishing scam on Twitter has snared thousands of users hoping to increase their number of followers.  Instead, users are sent off to a phishing page where cybercriminals steal their Twitter logins using them to generate more spam.

Thousands of spam messages are floating around on Twitter with links to increase the users’ follower count:

FREE MORE TWITTER FOLLOWERS!
CHECK out this site, im a member of it, gets you more followers
If you trying to get more followers check out
WANT MORE TWITTER FOLLOWERS?
Get more followers for free!



 

The cybercriminals use shortened URLs to prevent spam detection on Twitter.  Scammers are using a variety of URL shortening services to evade standard security precautions.

The shortened links lead to phishing pages capturing the users Twitter login, but never doing anything to increase the users' following. The compromised accounts are then used to send more spam and lure in more unsuspecting users.

 

 

With more followers on Twitter, you’re able to expand your reach and connect with more people.  This makes for a very effective social engineering trick; taking advantage of user tendencies for malicious purposes. Users are typically none the wiser until spam messages start appearing from their account.

There are now a tremendous amount of 3rd party sites and services available to support the Twitter crowd.  It’s important that users remember not to give out login information without first verifying the legitimacy of Twitter applications and websites.  Most legitimate services now redirect users directly to the Twitter API and use the OAuth method of authentication.  Users should look closely at their URL bar to be sure they are on Twitter's site before entering their login credentials.

 

 

 

 

 

 

 

 

 

If you see strange spam messages like these showing up on your account, change your password immediately.  eSoft protects SiteFilter users from these phishing sites with the “Phishing & Fraud” category and is actively flagging new sites as they’re discovered.

 

Posted 14/05/2010 by Rick Robinson

Tagged under:Phishing,Twitter,Spam

Comment on this blog

You must be registered and logged in to leave a comment about this blog.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012