A TREND MICRO BLOG

May 21

Tvviter Typosquatting Phishing Site

Rik Ferguson

Filed under: Phishing, Web 2.0 | RSS 2.0 | TB | Tags: , , | 4 Comments

UPDATE: This story continued later the same day and I blogged it here.

I noticed this morning, the appearance of a very sneakily typoed (is that even a verb) phishing website targeting users of the social networking and micro-blogging website Twitter

tvviter

 

The URL for the phishing is deliberately misspelled in such a way that at a cursory glance it looks like the real thing www.tvviter.com, that’s with a double “v” and a single “t” (please DON’T visit this site). Has been designed to harvest credentials and is currently directing users (through intermediate fake personal websites and using URL shortening services) to sites hosting, euphemistically titled “Adult Dating Services” by automatically adding followers to the compromised accounts.

 

If anyone is duped into handing over their account credentials, in addition to opening up their account to abuse, they will find that several new followers appear on their account.

 

 followers2

On following links to these profiles, their immediate purpose appears to be to redirect to adult dating sites, making the scammers money in the process through a pay-per-click affiliate scheme.

adultdate

 

The URLs concerned are under ongoing analysis for malicious content, please do not feel tempted to visit them, even out of curiosity.


Bookmark
| More

This entry was posted on Thursday, 21. May 2009 and is filed under "Phishing, Web 2.0". You can follow any responses to this entry with RSS 2.0. You can leave a response here, or send a trackback from your own site.

4 Comments

  1. Thursday, 21. May 2009 um 10:20 am

    [...] | Author Profile Security vendors have warned about a fake phishing website targeting users of Twitter, designed to convince users to [...]

  2. Friday, 22. May 2009 um 9:33 am

    [...] Tvviter Typosquatting Phishing Site » Counter Measures [...]

  3. Tuesday, 26. May 2009 um 5:46 am

    [...] the creation of bogus Twitter accounts, which the scammers used to “follow” other users, says Rik Ferguson, a senior security advisor at security-software maker Trend Micro. If these users checked out the profiles of their new followers and clicked on the Web addresses [...]

  4. Sunday, 30. August 2009 um 8:33 am

    [...] Tvviter Typosquatting Phishing Site » CounterMeasures countermeasures.trendmicro.eu/tvviter-typosquatting-phishing-site – view page – cached A Trend Micro Blog. Rik Ferguson and others blog about security related issues — From the page [...]

Leave a comment

XHTML allowed tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Spam protection

© Copyright 2010 Trend Micro Inc. All rights reserved.
Legal Notice. Disclaimer