We’ve all done stupid things at some point in our lives. And at some point, you probably clicked a link and cursed at yourself for ending up at a bad website. Thankfully, due to scams becoming increasingly predictable and the internet audience becoming increasingly skeptical, these scams haven’t been yielding big results lately. Unfortunately, a new scam that has taken Twitter by storm is hoping to do so, and this article is here to help you stay away from this new Twitter scam.
Some of the less brighter or more inquisitive people on your Twitter list probably clicked a URL that promised to show them a video of Obama punching a guy in his face for calling him a derogatory term. Sure, that’s interesting bait and I bet quite a few people would enjoy watching a video of that. However, if something like that was to happen, the New York Times or the Washington Post would probably have a news article about that on their front pages and it would be all over proper news websites, and not simply restricted to Facebook and Twitter.
The link leads to a fake Facebook page that asks for your Twitter credentials, which will then be used to hijack your account and continue the cycle of spreading the link by reaching out to everyone in your contact list on Twitter. After you’ve given up your Twitter account information, the cycle doesn’t stop there. The fake page throws up a fake YouTube applet that asks for an update of “YouTube Player”. On clicking the install button, you essentially download a worm that does a whole lot more than simply steal your Twitter information.
Earlier today, PandaLabs confirmed that this is a variation of a spam attack that’s been spreading for quite some time, and the Obama version is just a spin-off of the same scam. Earlier ones included text like, “Exactly what do you think you’re doing on this video?” or “Did you see this photo of you?” which are always sent with a malicious link.
Clickjacking has often been used as a technique for spammers and malicious attackers to get access to sensitive information on users computers, but due to the quick thinking and evolving security software out there, these generally get picked off by antivirus software or by the service provider (in this case Twitter) itself, which might filter out such messages. Twitter has not commented on this attack at the time of this article, and as far as I known, it is continuing on Twitter. Hopefully the spreading of this information will slow it down. Stay sharp!
==== About the Author ====
Avtar Ram Singh is a technology enthusiast who covers articles on topics ranging from social media and internet technologies to consumer devices. He is currently working with Lazada.