Don’t Go Phishing on Twitter – Elf Knows It [ARCHIVED]
I received a direct message on Twitter today which said "Haha – is this you?" and a link to a website, the link is directed to a phishing site to collect your Twitter account details, the site is identical to Twitter, apart from a misplaced < symbol on the top. Many people might get stung by this because you’re coming from Twitter, asked for your Twitter account details, so by habit you will type them in.
What to look out for
The domain they are using is expressplacement.com or twitter.expressplacement.com or sometimes video.twitter.expressplacement.com.
The most important thing to say though is never give out your Twitter details unless you can clearly see you are on the domain Twitter.com and no where else, unless you are a user of Twitpic etc.
But just use common sense too, if you are logged in and looking at your messages and a link asks you to log in again, ignore it. Twitter will never make you sign in twice.
Keep an eye out.
-Mark