Anatomy Of A Twitter Scam
Do you remember Mobile Phishing and the related risks? Well This morning I had a bad surprise and could see it anction with my hands (or better with my fingers on the display of my Android Device).
This morning I woke up early (6 AM) since I previously arranged a travel to my hometown which takes approximately 4 hours. As usual I have the bad habit to check email upon awakening, directly from my Android device. This morning found a strange DM strange DM on my Twitter Account:
This made me laugh so hard when i saw this about you lol hxxp://t.co/AusOXeQ
I already exchanged some DMs in English with this contact, so, the content was not so strange (probably a similar message from an Italian contact would have received a different impact and triggered an alarm bell). Moreover I suppose my neurons were not completely up and running (actually they are rerely in this state), so a little bit for curiosity, a little bit for fun I clicked the link directly from my mobile device.
In the following screenshots you may realize how easy and dangerous for the user, mobile phishing is: as a matter of facts the link points to a bogus Twitter-like site, but, believe me, from a 3.7″ screen is really difficult to discriminate it.
The page is really similar to the real one:
But yes, if you look carefully at the address bar (but at the 6 AM with the sleep fog surrounding you is not so easy) you will notice a misplaced detail and it is the link (currently up): hxxp://www.ltwittier.com/session-verify (but not all the address is visibile on the bar). If you click on the text box the situation is even worse since the address bar, a default beaviour for the Android Browser, disappears.
Needless to say, if you login, your account will be hacked and your contacts will suffer the same fate.
This event shows how easy is to fall victim of phishing in case of mobile devices and, even worse, in case the bait comes from Social Network (and a professional social network how Twitter is for me, in which I trust the reputation of my contacts).
Always remember to check the links and be careful to follow strange links from mobile devices!
If you point to the incomplete link: hxxp://www.ltwittier.com/ there is a clear evidence of the fact that the site is bogus:
http://paulsparrows.files.wordpress.com/2011/09/wronglink.png” alt=”” width=”300″ height=”494″ />
- 856,224 hits since November 2010
08/13/2011 - My Post on Android Malware Mentioned on Engadget.
04/14/2011 - The Article Smart Grid: L'ultima Frontiera del Cybercrime published on ICT Security Magazine May 2011.
03/14/2011 - Security Summit 2011: Paolo Passeri guest at Round Table "Mobile Security: Rischi, Tecnologie, Mercato"
02/14/2011 - The Article Gears of Cyberwar published on ICT Security Magazine January 2011.
About This Blog
In this blog I express my personal opinion, which does not necessarily reflects the opinion of my organization, about events and news or interest, concerning information security, winking to mobile world and, why not, to some curious personal event.
Every information is reported with its source.
Anyone intending to use information contained in my post is free to do so, provided that mention my blog in your article.
Top Posts & Pages
- List Of Hacked Celebrities Who Had (Nude) Photos Leaked
- 1-15 July 2014 Cyber Attacks Timeline
- 2014 Cyber Attacks Timeline Master Index
- 2012 Cyber Attacks Statistics
- A (Graphical) World of Botnets and Cyber Attacks
- 2013 Cyber Attacks Statistics
- 2013 Cyber Attacks Statistics (Summary)
- 1-15 June 2014 Cyber Attacks Timeline
- 2013 Cyber Attacks Timeline Master Index
- June 2014 Cyber Attacks Statistics
- P.F. Chang's incident calls for updating payments tech lnkd.in/dQpjRE8 - 1 day ago
- @artbyalida @thepacketrat he did the same one week ago for CNET… - 1 day ago
- WSJ website hacked, data offered for 1 bitcoin -> Here's a cyber attack that will be included in the next timeline: arstechnica.com/security/2014/… - 1 day ago
- @HP TippingPoint and @lastlineinc team up to offer advanced network protection h30499.www3.hp.com/t5/HP-Security… - 1 day ago
- Without a good Italian espresso it's impossible to build cutting-edge technology! http://t.co/GZTZFXktsc - 1 day ago
- @lastlineinc recognized by CRN as a 2014 Emerging Vendor | Business Wire businesswire.com/news/home/2014… - 3 days ago
- 1-15 July 2014 Cyber Attacks Timeline #Infosec #Cyberattacks wp.me/p14J6X-2D9 - 4 days ago
- @ckreibich same test worked with an @A10Networks SSL inspector: malicious files downloaded through an https connection perfectly detected! - 1 week ago
- RT @lastlineinc: 'Cloud malware analysis a must-have for advanced threat protection' @TechTarget bit.ly/W70Opa http://t.co/ji5qWtt… - 1 week ago
- RT @cedricpernet: We are proud to be the first french guys to release a white paper about an #APT group :) ow.ly/z2fzL #cybercri… - 1 week ago