Lwitter, a controlled Twitter phishing attack

New Twitter direct messages are circulating that are sent automatically from compromised accounts. It is classic phishing: the message is designed to catch the user's attention so that they click on a link and end up on a fake page that asks for their password.

One of the messages circulating is the following:

geez this asshole is making updates with fucked up things that concern you (short link)

These phishing attacks are usually very effective when the spam messages arrive from friends or well-known contacts. Curiously, this time the DM came from the account of a Google employee whose profile had been compromised without him realizing it, although he has already fixed it.

The link redirects to a fake page (currently blocked by anti-phishing filters); in the following screenshot you can also see the WOT plugin warning that the page has a bad reputation:

Despite the Twitter-like design, if you look at the URL carefully you will see that it is lwitter and not twitter.com. Once the credentials are entered, they are sent to the cybercriminal's server, and the account is then used to send spam automatically.
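As an added example (not part of the original post), a small Python checker that pulls the URLs out of a direct message and flags hostnames that are one edit away from twitter.com or that embed the brand name somewhere in the host; the brand list, the edit-distance threshold, the naive two-label domain split and the sample message are assumptions of this example.

```python
import re
from urllib.parse import urlparse

# Brand domains treated as legitimate (assumption: extend for your own environment).
LEGIT_DOMAINS = {"twitter.com"}
URL_RE = re.compile(r"https?://[^\s<>()\"']+")


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_domain(host: str) -> str:
    """Last two labels of the host. Naive on purpose: no public-suffix list,
    so 'co.uk'-style suffixes are not handled (assumption for this example)."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def classify_url(url: str, legit=LEGIT_DOMAINS, max_distance: int = 1) -> str:
    """Return 'legitimate', 'lookalike' or 'unknown' for the URL's hostname."""
    host = (urlparse(url).hostname or "").lower()
    domain = registrable_domain(host)
    if domain in legit:                      # twitter.com and its subdomains
        return "legitimate"
    label = domain.rsplit(".", 1)[0]         # e.g. 'lwitter' from 'lwitter.com'
    for good in legit:
        good_label = good.rsplit(".", 1)[0]  # e.g. 'twitter'
        # Brand embedded in a foreign host (twitter.com.evil.example) or a
        # label one typo/glyph swap away from the brand (lwitter, twltter).
        if good in host or good_label in host or levenshtein(label, good_label) <= max_distance:
            return "lookalike"
    return "unknown"


def scan_message(text: str) -> list:
    """Classify every URL found in a direct message."""
    return [(u, classify_url(u)) for u in URL_RE.findall(text)]


if __name__ == "__main__":
    # Constructed sample DM in the style of the one quoted in the post.
    dm = "geez look at what this guy is saying about you http://lwitter.com/login"
    for url, verdict in scan_message(dm):
        print(f"{verdict:10s} {url}")
```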

What to do in these cases?

In addition to warning the affected user, if you have fallen for the trap you must change your password as soon as possible (and on any other services where you used the same password).

You should also review the installed applications (Settings / Applications) and revoke access for any that look suspicious or that you no longer actively use. If the problem continues, run a full malware scan of the PC, since some malware is able to use social networks to spread.