CNBC.Com Spoof Twitter Spam on The Rise

Of late, Twitter users are being  bombarded with tons of direct messages which contain links to a spoof CNBC website that shows you how to make tons of money while sitting at home. While these types of spam messages are not new and have been circulated in the past (See: Want to Start a Real Internet Biz This Year?), the number of DMs these days are hitting the roof.

CNBC.com Twitter DM Spam

The spam is being circulating in various forms and includes messages (accompanied with a spoof CNBC.com link) like:

Hey, Be your own boss man!

Hey, Why be bitched around, turn the tables on em!

Hey, Change your life, TODAY!

Hey, Why bother doing somebody elses dirty work?

Hey, This is how you make REAL money!

Though these spam messages are not as bad as the bad rumors about you and terrible things about you phishing attacks, they are annoying as hell. The links are created by some work-from-home scammers who want to rip you off and make money themselves.

The link in the message usually takes you to a website which looks very similar to CNBC.com and contain fictitious headlines like “New York Mom Earns $6,795/Month Part-Time”. The website also goes on to detail their online business in the rest of the content and how they are making tons of money accompanied with some fake screenshots of Google AdSense and other money-making websites.

While it is easy to fall prey to because the the website is designed to look like CNBC (and many times other popular news outlets), as a user, you should always look at the URL to see what the domain is.  For example, CNBC.com should always end in CNBC.com followed by any additional parameters and not CNBC.com-scammerdomain.info as in this case.

It is apparent that the users themselves are not sending these messages. So, it might be that users’ accounts are being compromised using other phishing attacks or Twitter apps. As a precaution, change your Twitter password immediately if such messages were sent from your account and also revoke app permissions on Twitter.

Work from Home scams have been going around for years now, but the barrage of spam hitting both Twitter and Facebook is very high. It is high time that both these social networking websites up their ante and start protecting their users from spammers and scammers.

 

Hey This User is Posting Very Bad Rumors About You – Twitter Phishing

Of Late,  has been a target of lot of spam messages, but the most recent ones are pretty dangerous phishing attacks and can allow a spammer to access your Twitter username and password. Most recently Twitter phishing attacks have spread through DM messages like “You Seen What This Person is Saying About You Terrible Things” and “Somebody is Saying Real Bad Rumors About You“.

The new phishing attack is spreading on Twitter through messages like:

Hey this user is posting very bad rumors about you…

Hi someone is posting horrible rumors about you…

The messages above are accompanied with a link which takes you to a phishing website that looks very similar to Twitter. The websites’ URL is also made to look very similar to that of Twitter.

twitter_phishing_dm_attack

Once you are on the website, you will be asked to sign in to your Twitter account because your session has timed out. If you enter your username and password into the phishing page, the scammers will redirect you to Twitter and ask permission to install an app which will then send out the rogue message as a direct message to all your followers and continue spreading the phishing attack.

Please DO NOT enter you username and password since the scammers will then gain access to your account username and password. If you already have done so, make sure to change your Twitter password IMMEDIATELY. Also follow our guide to remove apps from Twitter to revoke permissions to the rogue app that you granted access to.

Please do share this page with your Twitter friends so that they are aware of this phishing attack.

Somebody is Saying Real Bad Rumors About You Twitter Phishing Attack

Last month users were attacked using a DM scam where users received direct messages from people they know saying "You Seen What This Person is Saying About You Terrible Things". The affected several users who went on to click on the accompanying link and then entered their Twitter username and password on the phishing website.

It looks like another similar scam is currently spreading on Twitter through direct messages. The phishing scam is similar to the earlier attacks and is spreading with the following message:

Hi. somebody is saying real bad rumors about you here ;(

The message is accompanied by a link, clicking on which will lead you to a website which spoofs the twitter interface and tells you to login using your Twitter username and password. The URL is also made to look very similar to that of Twitter.

twitter_phishing_dm_attack

The webpage in question asks you to enter your username and password and then redirects you to install an app on Twitter which in turn sends out rogue messages to all your followers.

Please DO NOT enter you username and password since the scammers will then gain access to your account username and password. If you do enter your username and password into the phishing page, the scammers will then redirect you to Twitter and ask permission to install an app which will then send out the rogue message as a direct message to all your followers and continue spreading the phishing attack.

To avoid phishing attacks, always look at the URL to see whether you are entering your password on the site itself and not some masked URL which is made to look like the original site. Additionally, you should also periodically check the apps you have given access to in your Twitter account and remove unwanted apps. Learn how to remove apps or revoke app permissions in Twitter.

You Seen What This Person is Saying About You Terrible Things Twitter Phishing Attack

We have been seeing a lot of Facebook Scams these days, however, it looks like is also being attacked by users with a lot of scam messages. Unlike most of the Twitter scam messages spread through direct messages and are usually phishing attacks.

Twitter DM Phising Message

A new direct message scam is spreading on Twitter right now with a direct message:

You seen what this person is saying about you? [link] terrible things..

The above message comes from someone you might know and follow on Twitter and looks pretty real. If  you click on the URL accompanied in the message, you will be taken to a webpage which is designed to look like Twitter and asked you enter your username and password.

twitter_dm_phishing_attack

Please DO NOT enter you username and password since the scammers will then gain access to your account username and password. If you do enter your username and password into the phishing page, the scammers will then redirect you to Twitter and ask permission to install an app which will then send out the rogue message as a direct message to all your followers and continue spreading the phishing attack.

Most modern browsers like and will detect the URL as a phishing website so you might be better off upgrading to a secure browser.

To avoid phishing attacks, always look at the URL to see whether you are entering your password on the site itself and not some masked URL which is made to look like the original site. Additionally, you should also periodically check the apps you have given access to in your Twitter account and remove unwanted apps. Learn how to remove apps or revoke app permissions in Twitter.

Pics of Osama Bin Laden Are Finally Released – Twitter Phishing Attack

Since the death of the most wanted criminal, terrorist leader Osama Bin Laden, there have been several scams and phishing attacks spreading on Facebook and Twitter, which claimed to show a leaked death videoof the terrorist.

For a while, scams and phishing attacks related to Osama Bin Laden had stopped, but now phishers are once again on the look for naive Twitter users, promising and tricking them to show leaked pictures of Osama Bin Laden.

Users on Twitter are tweeting (RT) a message that states – “Pics of Osama Bin Laden Are Finally Released! [LINK] ::wanring very gorry::”. The same message is spreading with simplified content – “Pictures of Osama Bin Laden [LINK] that leads to a page”

Pics of Osama Bin Laden Are Finally Released - Twitter Phishing Attack

Clicking on the short URL will lead to a site which is a clone of Twitter home page. You are asked to login to Twitter by providing your username and password. Before you enter your login details, take a look at the URL in your browser’s address bar. You can see that it’s a fake URL and it is simply an attack to steal your login details.

If you enter your login credentials and click on Sign in button, your account details, including the password will be sent to the phisher via email. The phisher will then have complete control over your Twitter account, who can use your Twitter account by further spreading the scam message to your followers by tweeting and sending them private messages.

If you happen to use the same password in multiple places like Facebook and Gmail, it is likely that your other accounts might be compromised as well. This way, the phisher can steal more information for financial gain.

I suggest you to avoid clicking on the link and alert your followers about the attack. If you have mistakenly clicked on the link and entered your login details, then change the password of your Twitter and all other accounts immediately. Also, contact your followers to stop re-tweeting the message and ask them to change their account password as well.

Twitter has been a victim of  several  scams  in the  past, most of which were sent through direct messages (DM), however, the DM scams have come down considerably after Twitter employed a brilliant spam protection for DM messages. However, it looks like spammers have begun using the plain old email scams to trick users again.

Please feel free to retweet this post so that your friends and followers will be aware about the issue.

WARNING: TwitVerify Scam Spreading on Twitter

Just like Facebook Scams, there are also a large number of attempts to scam users too. Recently a new scam is making the rounds of Twitter where users are sent messages about a Twitter app called TwitVerify + Profile Spy.

Twitter

There is widespread messages on Twitter asking users to not click on links such as “click verify”. There are several variants of this rogue and many people are reporting it as TwitVerify, TwitVerification and Profile Spy.

We advise you not to click on the links and remove the app from your profile if you have already done so and change your password immediately.

If you aren’t sure how to remove apps from Twitter, follow our earlier guide on How to Revoke Permissions for Twitter Apps. Please feel free to pass along this message to your friends.

Free iPad Tweets Spamming Twitter Mentions

Recently we gave away a free iPad to a lucky winner as our Christmas gift to our readers. That contest is over so where would you get a free iPad now? Not from those stupid bots pretty ladies on who mention you in tweets and tell you that you can win a Free from some site.

Free iPad

First of the Free iPad mentions are a scam and I urge you to report the sender as spam and block them. Secondly most of the free iPad tweets are basically spam. If you are enticed and click on those links, you will be asked to fill up some survey which could lead to tons of email spam or you could potentially just download some virus or malware to your PC.

Some of these links could be as bad as the Facebook scams doing rounds of the internet and you could unwittingly share something on your timeline.

So please don’t click on the links when you see these kind of messages. Anything Free comes with a catch Smile. However, when we say that we are giving away an iPad, it is for real Smile.

Twitviewer Another Twitter Worm On The Prowl

Yes we all want to know who is visiting our profile pages, however don’t yet fall for that trap in the form of Twitviewer which claims to show you which users have visited your profile.

Twitter has already sent out a notice to users to change their passwords if they have used that service.

twitter_spam_alert

To add to that advisory we also would like to say that, DO NOT use twitter services that ask for your username and password, twitter has a very easy to use OAuth API which can easily allow you to use any application without sharing your passwords.