Ever been Phished on Twitter? Get ready to.
You might receive a message similar to this:
Going to this page causes a redirect to this lovely site: http://twitter.access-logins.com/login/
Wow, that looks like the Twitter login page, however it isn’t Twitter.
Don’t enter your credentials, for you begin to enter into the world of being Phished!
Simply clicking on each of their links results in a broken page as well (That’s not very good phishing!)
The requested URL /about was not found on this server.
Even their SignUp link is broken!
Once you enter your credentials you’re passed on to the Twitter.com mainsite and are able to see the basic information you’d see as if you were logging in to twitter.
I created a test account specifically to bring you that information :)
So, beware, and be sure not to visit this site and enter your credentials.
This is REAL Phishing in motion!
FYI: When this operates correctly, it appears to operate in an almost “Worm-like” fashion by infecting one person and then sending the payload “Auto-DM” to everyone that is following the person, so on and so forth while it spreads itself through the interwebs.
I’m still trying to self-infect a test account in order to see it in action, but so far on luck!