UPDATE: This story continued later the same day and I blogged it here.
I noticed this morning, the appearance of a very sneakily typoed (is that even a verb) phishing website targeting users of the social networking and micro-blogging website Twitter
The URL for the phishing is deliberately misspelled in such a way that at a cursory glance it looks like the real thing www.tvviter.com, that’s with a double “v” and a single “t” (please DON’T visit this site). Has been designed to harvest credentials and is currently directing users (through intermediate fake personal websites and using URL shortening services) to sites hosting, euphemistically titled “Adult Dating Services” by automatically adding followers to the compromised accounts.
If anyone is duped into handing over their account credentials, in addition to opening up their account to abuse, they will find that several new followers appear on their account.
On following links to these profiles, their immediate purpose appears to be to redirect to adult dating sites, making the scammers money in the process through a pay-per-click affiliate scheme.
The URLs concerned are under ongoing analysis for malicious content, please do not feel tempted to visit them, even out of curiosity.