This you???? : Phishing attack hits Twitter users

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

There is another widespread phishing attack hitting users of Twitter today.

Phishing tweet

Messages asking “This you????” followed by a link are being sent via the system to unsuspecting users. If you click on the link you are taken to a fake Twitter login page, where hackers are just waiting for you to hand over your credentials. In fact, they can automatically post the phishing message from your account as soon as you hand over your details.

If you have received a message like this from one of your friends it is likely that their account has been compromised by cybercriminals.

Sign up to our free newsletter.
Security news, advice, and tips.

Watch this YouTube video for a demonstration of the phishing attack:

[youtube=http://www.youtube.com/watch?v=yFVqfgnZV6M&hl=en_GB&fs=1&rel=0]

It’s bad enough if hackers gain control of your Twitter account, but if you also use that same password on other websites (and our research shows that 33% of people do that all of the time) then they could access your Gmail, Hotmail, Facebook, eBay, Paypal, and so forth.

Password chart

So, be cautious about the links you click on, choose a strong password, and – if you have found that you’re spreading suspicious messages from your Twitter account or believe that you have been compromised – change your passwords immediately.

You should also check your Twitter account and check the Settings/Connections screen. If there are any third party applications you don’t recognise listed there, revoke their permission to access your account.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.