Twitter warns of phishing scam

California, United States, January 5: The social networking and micro-blogging service, Twitter, warned its users about the phishing scam that redirects them to a look-alike site to know their username and password.

Twitter Co-Founder Biz Stone wrote on the company's blog: "We've identified a phishing scam directed at Twitter users and we don't want you to get tricked into giving your password to a scammer."

The scam tricks the users into visiting the phishing site. The scam messages like "hey! check out this funny blog about you?" or "Hey, i found a website with your pic on it? LOL check it out here” are send to users via email. The links of the messages redirects to a site like twitter.access-logins.com masquerading as the Twitter front page.

Twitter admitted through its blog that it is the most recent target of a phishing scam. The networking site warned the users to look closely at the URL field and if it has another domain besides Twitter but looks exactly like Twitter page then it's a fraud and they should not sign in. The users must cross-check the address bar before signing in.

The blogging network, Chris Pirilo recommends, “Do not log in to your Twitter account through any site other than Twitter.com. This may go without saying, but consider how many third-party Twitter services you use? Seems it’s about time for some kind of verification / validation for applications using the Twitter API - so you can be sure you’re passing your credentials to the right people. I’m guessing this particular phishing scam is not using the API (but there’s no way for a user to properly verify).”

Twitter has urged users to reset the passwords because some people may have clicked the link and given their Twitter password to the phishing site. In those cases, it would be possible for the phisher to send out direct messages on users’ behalf which could trick their followers.

If the users find themselves unable to login then they need to use the reset password link to regain access. If there is still any problem then http://twitter.com/help will assist them.