Twitter is under attack and many users have been ordered to change up their passwords. Today’s Twitter phishing attack forced the site to deny access to Tweeters due to one person’s ability to gain access to a bevy of user accounts. The Tweeters affected by the scheme reported that fake e-mails and direct messages on Twitter are being passed around and pushing people to phishing sites. Twitter later announced that the emails warning about the phishing are actually legitimate and if users are sent such an email, they should heed the warning and change up their password. Other sites and blogs, such as Mashable, are offering up some safety tips and precautions for Twitters users.
“If you get a Twitter direct message today reading: ‘check out this funny blog about you,’ we advise you don’t. The link leads to a fake Twitter login page that attempts to steal your Twitter login,” says Mashable. “Particularly susceptible to this attack are Twitter users who get their DMs [direct messages] delivered by email: it’s perfectly natural to be prompted to log in after clicking through from your e-mail account.”
Mashable also noted that it was not an abuse within NutshellMail that allowed the attack, as previously believed. The good news for Twitter is that they’ve finally made it to the big time—only truly profitable and popular Websites get phished. Let this be a lesson—and a little reward—to you Twitter.