Phishing has long been the bane of the e-mail world. Sadly, phishing has also made its way onto Twitter.
One of the biggest problems seems to be the flurry of Twitter-related services in which you have to provide your username and password to gain access. Unfortunately, many phishers are reeling in big catches as people happily provide their personal information.
Over the weekend, a phishing attack hit Twitter in which people received direct messages with text: “hey! check out this funny blog about you…” After you clicked on a Blogspot.com link, it took you to a page that looked like the Twitter login page. Instead, it was a site – twitter.access-logins.com – that collected your user name and password information.
The proliferation of phishing attacks is yet another example of how Twitter needs to be far more pro-active in serving its growing legion of users. Rather than having people submit user names and passwords on Twitter-related services, Twitter should be actively support initiatives such as OpenID and OAuth.
This would give people a way to access services in a secure way rather than consistently exposing themselves and their personal information to phishing attacks.
Twitter has been aggressive recently in cracking down on fake Twitter accounts; it now has to turn its full attention to phishing.
This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.
Phishing Slamming into Twitter
Phishing has long been the bane of the e-mail world. Sadly, phishing has also made its way onto Twitter.
One of the biggest problems seems to be the flurry of Twitter-related services in which you have to provide your username and password to gain access. Unfortunately, many phishers are reeling in big catches as people happily provide their personal information.
Over the weekend, a phishing attack hit Twitter in which people received direct messages with text: “hey! check out this funny blog about you…” After you clicked on a Blogspot.com link, it took you to a page that looked like the Twitter login page. Instead, it was a site – twitter.access-logins.com – that collected your user name and password information.
The proliferation of phishing attacks is yet another example of how Twitter needs to be far more pro-active in serving its growing legion of users. Rather than having people submit user names and passwords on Twitter-related services, Twitter should be actively support initiatives such as OpenID and OAuth.
This would give people a way to access services in a secure way rather than consistently exposing themselves and their personal information to phishing attacks.
Twitter has been aggressive recently in cracking down on fake Twitter accounts; it now has to turn its full attention to phishing.
Technorati Tags: phishing, twitter