Pictures of Osama Bin Laden phishing attack hits Twitter users

Phishers are once again on the prowl for unsuspecting Twitter users, tempting their prey with the promise of pictures of Osama Bin Laden.

Pictures of Osama Bin Laden

Pictures of Osama Bin Laden [LINK]

Some of the accounts had earlier posted a similar message (complete with some rather sloppy spelling):

Sign up to our free newsletter.
Security news, advice, and tips.

Pics of Osama Bin Laden Are Finally Released! [LINK] ::wanring very gorry::

Clicking on the links takes you to what appears to be the normal Twitter login page.

Fake Twitter login page

Would you enter your username and password at this point?

Take a close look at the URL before you make that decision.

Pictures of Osama Bin Laden phishing url

Hopefully you notice that it’s not the real Twitter URL – it’s a phishing site set up to steal your username and password.

If you make the mistake of entering your username and password then you will handing over the keys to your account to phishers, who would then be able to use your account to read your private messages, send messages (perhaps spam-related or containing malicious links) to your followers.

Worst of all, if you’re one of those people who uses the same password as you use elsewhere on the internet – you’ve now told the cybercriminals how to access, for example, your Gmail, Hotmail or PayPal accounts as well.

If you found your Twitter account was one of those sending out the phishing messages, or if you made the mistake of entering your username and password, then you must change your password as soon as possible.

Not just on Twitter, but also make sure you’re not using the same password anywhere else on the net. You have to consider that password is now compromised.

There’s some other house-cleaning you should do on your Twitter account too. Visit the Applications tab in “Account Settings”, and revoke access for any third-party application that you don’t recognise.

Follow me on Twitter at @gcluley if you want to keep up-to-speed with the latest threats, and learn how to protect yourself.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.