As it has happened with virtually every other popular Web site over the past decade, it seems that Twitter is being used in a phishing scam.
Twitter, the social networking and “micro-blogging” site that lets users receive regular updates about their fellow users through short messages of 140 characters or less, acknowledged this weekend that phishers are using its name to lure unsuspecting users into giving up their user names and passwords. Essentially, spammers are sending people messages with links to site names — such as “twitter.access-logins.com” — that appear to take them to the Twitter homepage. Once users enter their names and passwords into the false Twitter site, their Twitter identity is used to send out spam to their followers or to trick them into similarly giving up their user name and password.
Twitter is recommending that any users who fall victim to the scam should immediately reset their password in order to block others from accessing their accounts. Twitter also is working to shut down any compromised accounts that it encounters to prevent excessive spamming.
In the past, Twitter has been used by spammers who create an account for the site and begin following thousands of people in order to send them links to dangerous Web sites or to sign them up for Multi-Level Marketing schemes.