The method is by asking you to login into your account by saying ‘someone has talked bad about you’, and hence asking you to login into a site which looks legitimate or ‘twitter like’. In most cases, a direct link will be provided in that tweet which normally comes in the form of a Direct Message (DM).
CyberSecurities Malaysia said “The phishers are mimicking Twitter’s URL with the address http://itvviter.com and we found that the site is being hosted in China.”
The phishing site will also redirect users to Twitter’s actual app authentication site at https://twitter.com/oauth/authenticate to dupe users into thinking that the earlier site is legitimate.
The action of mimicking another site is known as phishing, and it has been used by scammers to obtain banking information. However, scammers or phishers have moved to twitter due to its popularity.
It was revealed that once phishers gain access to your account, they will lock and hold it, with you having minimal chances of getting control of the account again.
Hacking of Twitter accounts have been on the rise with some famous Malaysian twitter celebrities, including tech savvy bloggers falling victim.
Tweeps feeling that they have been compromised are advised to change their password immediately.