‘Found a funny picture of you!’ Twitter phishing attack

We’re now regularly seeing Twitter accounts which have fallen into the hands of cybercriminals, sending out messages to their online friends with the aim of tricking them into handing over their all-important username and password.

Here’s one of the latest attacks, shared with us by our friends at @TweetSmarter:

Found a funny picture of you [LINK]

I saw a real bad blog about you, you see this? [LINK]

If you make the mistake of clicking on one of the links you are taken to a fake Twitter website, created with the aim of purloining your username and password.

Careless users might enter their credentials automatically, assuming that their session on Twitter has simply timed out. Doing so is disastrous, not only can the hackers now access your Twitter account they could also – potentially – use the password at other online accounts you may own.

Everyone…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter, Mastodon, or Threads to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.