Phishing for twits

***MrLinus*** · November 14th, 2008 12:43 AM

I was curious as to what people thought of the recent use of twitter ranking sites to steal username/passwords of Twitter users (and thus likely get access to email and such).

**chaosclown** · November 14th, 2008 02:53 AM

i dont even know what twitter is, never heard of it. but i will do some research and get back to you

**The-Spec** · November 14th, 2008 04:44 AM

i dont even know what twitter is, never heard of it.

My guess is that it deals in mental masterbation.

I was curious as to what people thought of the recent use of twitter ranking sites to steal username/passwords of Twitter users

Sounds like a barrel of laughs.

***nihil*** · November 14th, 2008 11:10 PM

It looks like it might just be an attempt to embarrass Twitter and its users?

http://twitpic.com/lfm9

and: http://mashable.com/2008/11/12/twitterrank/

Amazing just how gullible some people can be

**t34b4g5** · November 15th, 2008 01:53 AM

Nihil it goes back to the saying.
"There's an idiot born every 5 Seconds".

**VicE$DoS$** · April 16th, 2009 04:13 PM

Sorry! I know this is an older thread.

I just wanted to ask if anyone sees any benefit in stealing twitter account details? What can be gained?

Other than the sheer embarrasment and perhaps a small probably negligable bit of reputation damage should it be a 'corporate twitter'

Thanks!

***JPnyc*** · April 16th, 2009 06:09 PM

Being on it is embarrassing enough, I should think.

***cross*** · April 16th, 2009 06:49 PM

Originally Posted by VicE$DoS$

Sorry! I know this is an older thread.

I just wanted to ask if anyone sees any benefit in stealing twitter account details? What can be gained?

Other than the sheer embarrasment and perhaps a small probably negligable bit of reputation damage should it be a 'corporate twitter'

Thanks!

Well for most folks, it can give you access to quite a bit. See, the avarage joe uses the same username/password on every account they have, or its very similar. So by taking control of something unvaluable like twitter, you could indirectly gain access to their bank as well. Of course this would have to be more of a personalized attack, where you would have to know or guess where they have other accounts at.

***MrLinus*** · April 17th, 2009 01:09 PM

Originally Posted by cross

Well for most folks, it can give you access to quite a bit. See, the avarage joe uses the same username/password on every account they have, or its very similar. So by taking control of something unvaluable like twitter, you could indirectly gain access to their bank as well. Of course this would have to be more of a personalized attack, where you would have to know or guess where they have other accounts at.

Right but that one account compromise could mean, since many corporations have employees using twitter, a compromise into the corporation. It is a doorway in. Additionally, since there are some websites that prompt ways to enhance the twitter experience, it may be a way into the environment (albeit that twitter only uses UDP -- at this point) it may still present a way in.

**VicE$DoS$** · April 21st, 2009 09:52 AM

Interesting. Never thought about the UDP aspect and the possibility of inbound attacks.

I think anyone using these Twit ranking and or Twit enhancement sites get everything they deserve!

** Goes to quickly un-install Twibble.de from his Blackberry...........:0

Thread: Phishing for twits

Thread Tools

Display

Phishing for twits

Similar Threads

New way to decipher phishing attacks

Spear Phishing

Experts: 'Phishing' more sophisticated

DIY phishing kits

Phishing Scam Call to Action

Bookmarks

Bookmarks

Posting Permissions