Phishing Scams finally hit Twitter!

January 3rd, 2009
by Christopher Kusek (PKGuild)

Ever been Phished on Twitter? Get ready to.

You might receive a message similar to this:

hey! check out this funny blog about you...

Going to this page causes a redirect to this lovely site:


Wow, that looks like the Twitter login page, however it isn’t Twitter.

Don’t enter your credentials, for you begin to enter into the world of being Phished!

Simply clicking on each of their links results in a broken page as well (That’s not very good phishing!)

Not Found

The requested URL /about was not found on this server.

Even their SignUp link is broken!

Once you enter your credentials you’re passed on to the mainsite and are able to see the basic information you’d see as if you were logging in to twitter.

I created a test account specifically to bring you that information :)

So, beware, and be sure not to visit this site and enter your credentials.

This is REAL Phishing in motion!

FYI: When this operates correctly, it appears to operate in an almost “Worm-like” fashion by infecting one person and then sending the payload “Auto-DM” to everyone that is following the person, so on and so forth while it spreads itself through the interwebs.

I’m still trying to self-infect a test account in order to see it in action, but so far on luck!

Tags: , , ,
Posted in Baltimization, Blog, Christopher Kusek, General, Informational, Social Media, Twitter | Comments (7)

  • […] Phishing Scams finally hit Twitter! by Christopher Kusek […]

  • Thanks for taking the time and creating the additional Twitter account to figure out what this Phishing scam is about. I RT’d the link to this post.


  • john says:

    Thanks for the work. I received a dm from a friend and followed it but stopped at the login because it seemed suspect. This seems to be fooling many. I will be interested in finding out the motive if any.

  • Jordan says:

    Firefox seems to be working quite diligently because visited the url pops up the infamous This web site at has been reported as a web forgery and has been blocked based on your security preferences.. At least for now you know that users who use Firefox (and probably Chrome) won’t have to worry about this tactic.

  • Andrea Hill says:

    One major benefit of this scam: I found your blog while googling it! I enjoy your coverage, and I’ll be subscribing :)

  • David says:

    @ Jordan: Both Google and OpenDNS blacklisted the website soon after Twitter notified them of the events happening. I guess most users should be somewhat protected against the scam by now, regardless the browser they’re using.

    • Archives