phishing

If you receive a DM on twitter “This made me laugh so hard when i saw this about you lol” it’s a phishing scam to get your twitter login details. Your account will then send that or similar DM’s on to your friends.

Why are so many of my twitter friends caught out by this scam? These scams are most effective against users of mobile devices. It’s hard to read the misspelled URL that looks like twitter’s.

As this attack matures, the exact phrase used will change. The way to be safe on a mobile device is

1. use the twitter client for your device or a well known 3rd party client (like TweetDeck).
2. login on that client only

Tags: Cloak and Dagger, Internet memes, mobile device, phishing, Social engineering, twitter, World Wide Web

There’s an interesting article over at eWeek about a Romanian phisher who may have access to eBay’s internal customer databases.

Updated: The auction behemoth is being skewered by Vladuz, the Romanian impaler, and the e-villagers are whispering that he’s sucking customer and service rep account lifeblood directly from eBay’s internal databases. Is he that spookily talented, or is he just another, albeit talented and lucky, phisher who also stumbled on an e-mail with internal accounts?

Vladuz illustrates the “show me the money” motivation behind high-tech crime.

Tags: eBay, malicious, phishing