In the following screenshot you can see a phishing page that seeks to steal Twitter accounts. The design is quite convincing, but the URL reveals the deception:
Once the victim enters their credentials, they are redirected to a YouTube video related to Bin Laden, so they forget that a password was requested seconds earlier. The page is spread through spam accounts; according to Websense, the rate of tweets reached 200 per minute!
Spam tweets about Bin Laden
Note: The spam campaign is still active, so be careful with the links you see in the images (try not to visit them).
In the following screenshot you can see the statistics for one of the links they use, which goes through the bit.ly shortener:
Clicks received by the spam link
In about 6 hours and more than 30 thousand tweets, almost 2,000 people clicked on the link. Not bad for a campaign that is automated and requires minimal investment; keep in mind that at the same time they are doing the same with dozens of different links.
Another link, for example, got twice as many clicks and, as you can see, the fake page was under a slightly different URL:
Data from another spam link
Detecting these attacks is simple: always check links before clicking (bit.ly links can be expanded to see the real destination) and look carefully at the URL before entering a password.
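The URL check described above can be automated. The following is an added example, not code from the original post; the trusted domain list, the similarity threshold and all sample URLs are assumptions constructed for illustration.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

# Assumptions for this sketch: the brand label, the domain where its password
# may be typed, and the shorteners that must be expanded before judging a link.
BRAND = "twitter"
TRUSTED_DOMAINS = {"twitter.com"}
SHORTENERS = {"bit.ly"}


def _resembles_brand(label):
    """True when a host label contains the brand or is a near-miss spelling."""
    if BRAND in label:
        return True
    return SequenceMatcher(None, label, BRAND).ratio() >= 0.75


def check_login_url(url):
    """Return (verdict, reason) for a URL that is asking for a password."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".").lower()
    except ValueError:
        return ("invalid", "unparseable URL")
    if parts.scheme not in ("http", "https") or not host:
        return ("invalid", "not an http(s) URL with a host")
    if host in SHORTENERS:
        return ("expand-first", "shortened link hides the real destination")
    # Exact match or a true subdomain; "twitter.com.example.net" fails this.
    if any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS):
        return ("trusted", "host is " + host)
    if parts.username is not None:
        # Everything before '@' is userinfo, not the site being visited.
        return ("phishing-likely", "text before '@' is not the host: " + host)
    labels = host.split(".")
    if any(label.startswith("xn--") for label in labels):
        return ("phishing-likely", "punycode label may imitate Latin letters")
    if any(_resembles_brand(label) for label in labels):
        return ("phishing-likely", "brand name on unrelated host " + host)
    return ("unknown", "host " + host + " is not a trusted login domain")
```

A verdict of `expand-first` means the link has to be expanded and the destination checked again, since the shortener hides the host that will actually receive the password.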
Many of these spam tweets were sent from accounts like this:
Twitter spam profile
The profile has all the characteristics of a spam account: default image, few followers, repeated links, etc. However, other spam profiles may seem more real, so you must always be careful, even with the messages that your friends publish.
See also: Twitter, girls, football and thousands of spam links. Control the applications that have access to your Twitter account.