Last night, thousands of people on Twitter got a weird direct message. It happened to a lot of people including myself.
I’ll let Twitter explain.
Twitter said:
If you receive an email notice saying you’ve received a Direct Message with a link that redirects to what seems like Twitter.com, be careful about entering your Twitter credentials. Instead, look closely at the URL to see if it’s not really Twitter but a sketchy phishing site like http://twitter.access-logins.com. If this has you feeling a bit weirded out, feel free to change your Twitter password.
Update: The suspicious site is being blocked. More information at the Twitter Blog.
The link, which says jannawalitax.blogspot.com “has a funny video about you” or “a funny post about you” which would send you back to the log-in page of Twitter.
Except it wasn’t the log-in page if you noticed the address bar.
Phishing folks, no doublt about it. If you put your name and password in, the virus was looking for your personal information.
Twitter advised folks who fell into this scam to change their passwords. Having had my personal website hacked a few weeks ago, it’s absolutely the most irritating thing that can happen.
Buzznetworker has more practical information on changing your passwords if need be if the Koobface virus has become a reality for you.
UPDATE: It appears the second wave of the Koobface virus is hitting Twitter. Instead of the link to a faux blogspot, the DM which is probably from one of your twitter pals, is sending you to the fake Twitter log-in page. Best advice is not to give your information out and to change your passwords. NewsTechZilla will keep watching to see where this virus goes.
UPDATED: Twitter tells you what to do in this second wave of the virus.
What If I Get Tricked?
Some folks may have clicked the link and given their Twitter password to the phishing site. In those cases it would be possible for the phisher to send out direct messages on your behalf which could trick your followers. In those cases, we proactively reset the passwords of the accounts.
So, if you find yourself unable to login to your account with your username and password, please use the reset password link to regain access. This will send an email to the address associated with your account and you’ll be able to create a new password.
If you don’t receive the reset password email, please check your junk or spam email folder as it may be accidentally delivered there. If you are still having trouble logging in, please contact our support team and we’ll help you out.
WANT TO READ MORE?