Here is how I think this happened. I have a strict password policy for myself and change it frequently. I test new tools regularly and make sure if the new tool asks for a Twitter login it is through the Twitter API and not asking me to login with username and password.
Today I got a DM with this text "I saw that you viewed my profiler earlier :D want to know how i found out? http://bit.ly/XXXXX" ( Purposely added Xs so that link is not clicked by mistake. I ignored it as it seems sneaky anyway for a few hours. I went back to this tweet a few hours later and curious if this was a feature to check out like Linkedin's "Who viewed your profile". I am not sure if I was on a mobile device or my personal laptop so I did not notice that the link actually goes to a phishing page.
If you want to see the phishing page the link is http://hri.stalktrak.com/authorize_app_1/function.api.stalktrak.html( Please be careful if you click this page) . The correct URl to look for when using a Twitter auth is "https://api.twitter.com/oauth/authenticate?oauth_token=" followed by a string of characters comprising of a token. Anyway I appreciate the fact that Twitter has a mechanism to stop the DMs when it sees a pattern or the account exceeds a daily DM limit.
I am also thankful to be warned by a few of my friends as well. I managed to get to a computer and change my Twitter password quickly . Luckily I use different passwords so I won't have to change passwords at other places. It seems like this scam has been around for some time. Here is a post from July 2011. I reported the link to the US Computer Emergency Reradiness Team phishing page.
Lesson learned that you can never be too careful and I hope this helps you be cautious as well.
No comments:
Post a Comment