Beware of the Twitter Direct Message Spam!

There are lots of scams on the Internet and I’m usually pretty good at catching them right away. This one, however, was a little trickier and I wanted to take a minute to spread the word about it so that you don’t fall prey.

I received an e-mail notifying me that I had received a Twitter direct message (through Twitter’s user-to-user messaging system).

A crazy Tweet about ME?!  It sounded scandalous! I immediately clicked through the link in the notification to see what the ruckus could be.  But wait…

OK, now I was starting to get a little suspicious. I don’t normally stay logged into my Twitter account, but I’ve never had to sign in to view a Tweet. A little bit of a closer look revealed this:

Sure enough, the URL was “tvviiter.com” — a common “phishing” scam where the bad guys try to trick you into entering your username and password into an otherwise authentic-looking login screen.

Disaster averted!

So what happened here?  Most likely the victim who sent me the direct message in this case clicked on a similar link at some point and had their username and password stolen.  The scammers then logged into their account, Tweeted out a spam message to the person’s followers offering whatever male enhancement product of the day, and then tried to trick more folks into giving their info by sending out direct messages through the victim’s account.

Unfortunately, unlike most “phishing” scams that are obvious forgeries, these appear to the recipient as legitimate Twitter direct messages. The key tip-off, however, is the fact that the login URL is not “twitter.com” but a spoofed misspelling of the domain name.
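The check described above can be automated. This is an added example, not part of the original post: it compares the host of a login URL against the expected domain after collapsing look-alike character sequences such as "vv" for "w". The function names, the confusables list, the distance threshold and all sample URLs other than tvviiter.com are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed confusable pairs: character sequences that render like another letter.
CONFUSABLES = (("vv", "w"), ("rn", "m"), ("0", "o"), ("1", "l"))


def skeleton(name: str) -> str:
    """Collapse look-alike sequences, e.g. 'tvviiter' becomes 'twiiter'."""
    for fake, real in CONFUSABLES:
        name = name.replace(fake, real)
    return name


def edit_distance(a: str, b: str) -> int:
    """Plain Levenshtein distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_login_url(url: str, trusted: str = "twitter.com", max_distance: int = 2) -> str:
    """Return 'trusted', 'lookalike' or 'unrelated' for the host in url."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    # Exact match or a real subdomain of the trusted domain.
    if host == trusted or host.endswith("." + trusted):
        return "trusted"
    # Assumption: the registrable domain is the last two labels (no public suffix list).
    registrable = ".".join(host.split(".")[-2:])
    # Compare after collapsing confusables, so visual tricks do not inflate the distance.
    if edit_distance(skeleton(registrable), skeleton(trusted)) <= max_distance:
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    # Constructed sample URLs; only tvviiter.com comes from the post.
    for u in ("https://twitter.com/login", "http://tvviiter.com/login",
              "https://mobile.twitter.com/session", "https://amateurradio.com/"):
        print(f"{classify_login_url(u):10} {u}")
```

Without the confusables step, "tvviiter.com" is three edits away from "twitter.com" and would slip past a threshold of two; after collapsing "vv" to "w" it is one edit away.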

The moral of this story… make sure you know “where you are” when you enter your username and password!  A hacked Twitter account is a lot less of a big deal than a hacked bank account.

Matt Thomas, W1MST, is the managing editor of AmateurRadio.com. Contact him at [email protected].

4 Responses to “Beware of the Twitter Direct Message Spam!”

  • kk4bno:

    Yeah, that is similar to one on Facebook that is of the “omg did you see what so and so said about you” variety. I hate that stuff, and if one is on a mobile phone like me, it’s not easy to do the link hover tactic to look for spoofed URLs. But timed out sessions will be something to be aware of in case something passes by the spam filter in my head.

  • Jeff, KE9V:

    All Twitter users should carefully consider who they allow access to their account.

    I’m talking about permitting external applications to have access to your username and password. Still don’t know what I mean? Go to your Twitter account on the Web and view your SETTINGS and then APPS. Here will be a list of all the applications that you have permitted to access your account in some way or another.

    I’m always suspicious of the many free add-on services where they will tell you your “Cool Twitter Score”, show you who just unfollowed you, or some other bit of nonsense in exchange for you giving them permission to access your account.

    Keep this list to an absolute minimum and change your password frequently.

    73, Jeff

  • Randy K7AGE:

    Matt

    Thanks for the posting. I had received several tweets saying the people were saying bad things about me.

    I changed my Twitter password. I found the Twitter add on services page and I was amazed how many apps had connections to my Twitter account. I shut a bunch of them down.

    73
    Randy
    K7AGE

  • Joe KB3PHL:

    There’s a better way to avoid these problems: don’t use Twitter or Facebook.
    I don’t trust any of these social networking sites as far as I can throw them. I get along just fine without the need for any of them.

    73’s Joe KB3PHL
