Check out this funny blog post about you…

Jan 3, 2009 · 6 comments

in social media

The direct messages (DMs) on Twitter have been flying fast and furious today:

hey! check out this funny blog about you… http://jannawalitax.blogspot.com/

Clicking on the link redirects the visitor not to a blog post, but to what appears to be a standard Twitter login page.

[Image: access-logins]

There is, however, one significant difference: the URL is http://twitter.access-logins.com/login/. This is NOT a Twitter site; rather, it is a ‘phishing site’, disguised to look like a trusted site in order to collect usernames and passwords.

The unsuspecting visitor enters their username and password on the access-logins site, and is then redirected to the ‘real’ Twitter homepage and must log in again.

The system sends out direct messages, so it is spreading silently, without being readily tracked on the public timeline.

Access-logins.com was registered through the Chinese registrar “XIN NET TECHNOLOGY CORPORATION” on December 16th, 2008. If you slightly modify the URL to http://access-logins.com you’ll see a spoofed Facebook login page.

[Image: fb-phish]

There are many “warning” tweets now going out about this message, in particular warning folks that their accounts have been compromised. So far the only advice I’ve seen regarding what to do if you’ve been compromised is to change your password and clear your browser cache. I welcome feedback or suggestions from those who have been affected.

UPDATE (5:19 MST): the Twitter blog is updated, warning people of the problem.
UPDATE (6:11 MST): within a few hours of the problem, my browser is warning me against accessing http://access-logins.com:

[Image: reported-web-forgery]

UPDATE (7:17 MST): A new DM has cropped up, no longer directing users to a fake blogspot account:

Hey, i found a website with your pic on it… LOL check it out here http://twitterblog.access-logins.com/login
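
The difference this post points out, that twitter.access-logins.com belongs to access-logins.com rather than to Twitter, can be checked mechanically by matching the right-hand end of the hostname against an allowlist. The following is an added example, not part of the original post; the allowlist, the function name `classify_login_url` and the URLs marked as constructed are assumptions for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the services whose login pages we expect to see.
TRUSTED_DOMAINS = {"twitter.com", "facebook.com"}
# Brand labels derived from the allowlist ("twitter", "facebook").
BRANDS = {d.split(".")[0] for d in TRUSTED_DOMAINS}


def classify_login_url(url):
    """Return 'trusted', 'lookalike' or 'untrusted' for the URL's host."""
    # .hostname drops the port and lowercases; also drop a trailing root dot.
    host = (urlsplit(url).hostname or "").rstrip(".")
    # Host names are owned from right to left, so only the right-hand end
    # decides who controls the page. The leading "." in the suffix test
    # keeps a host that merely ends in the same letters from matching.
    for domain in TRUSTED_DOMAINS:
        if host == domain or host.endswith("." + domain):
            return "trusted"
    # A trusted brand name appearing anywhere in a host that is not
    # trusted is the disguise described in the post.
    if any(brand in host for brand in BRANDS):
        return "lookalike"
    # Not on the allowlist and no brand in the name: still not a place
    # to type a Twitter or Facebook password.
    return "untrusted"


SAMPLES = [
    # URLs quoted in the post
    "http://jannawalitax.blogspot.com/",
    "http://twitter.access-logins.com/login/",
    "http://twitterblog.access-logins.com/login",
    "http://access-logins.com",
    # Constructed cases: case and port, trailing dot, brand on the left
    "https://TWITTER.com:443/login",
    "https://twitter.com./login",
    "http://twitter.com.example/login",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{classify_login_url(sample):10} {sample}")
```

Note that http://access-logins.com comes back as `untrusted` rather than `lookalike`: the hostname alone does not reveal the spoofed Facebook page, which is why only `trusted` should ever be treated as safe for credentials.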

{ 6 comments }

1 Sire Jan 3, 2009 at 5:15 pm

Why would they bother? It’s not like they would get any useful information from it, like bank details and such. Unless their intention is to use the twitter social media to promote some other scam using the names of reputable Twitter members, I just don’t see the point. Please Andrea, explain to this Boob from Down Under what I am missing?

Oh, and may I suggest that you add some sort of plugin that allows people to subscribe to individual posts? I know it would make me happy. :)

2 Andrea Hill Jan 3, 2009 at 5:32 pm

Hi Sire,
I actually was just playing around with my plugins the other day, and disabled that feature. It’s back now :)

3 Sire Jan 3, 2009 at 5:35 pm

Thanks Andrea, I feel so much better now ;) I hope you had a good Christmas and a better new year, and I wish you all the best for 2009.

4 chrisabraham Jan 3, 2009 at 6:04 pm

Here’s some more news: “Check out this funny blog post about you…” PHISHING scheme (article by Andrea Hill) [link to post]

http://twitter.com/chrisabraham/statuses/1094328952

– Posted using Chat Catcher

5 wowo101 Jan 3, 2009 at 6:15 pm

ok, seems to be old news: [link to post]

http://twitter.com/wowo101/statuses/1094346559

– Posted using Chat Catcher

6 Armen Shirvanian Jan 4, 2009 at 9:26 pm

It sure isn’t an enjoyable item to see trickery such as this showing up, but the quick response has become a common event, as people from various sites readily respond to attacks of this type. The current state of social networks is a fairly stable one, as almost anything that can be tried is tried, and any problems are dealt with within a few hours. Twitter is a prime target for new methods of attack, as it rapidly rises in usage.
