Twitter Phish

In my email this morning, I just learned that someone tweeted a picture of me!

Not so fast. It’s email from a scammer impersonating a legitimate twitter account to get me to surrender my account information.

Email claiming there's a picture of me in twitter

Click the image to see a larger version.

Even though the email appears to have come from twitter (the fake domain “”), it’s a phish. It’s not legit. Someone has spoofed a legit twitter account and standard twitter traffic, trying to social engineer your response: “Oh goody! A picture! [Click link.]” If you follow the link in the email, you’d see a forged twitter page. The design and images make the page look just like twitter’s login screen, but look carefully at the URL:

Fake twitter login page

Click the image to see a larger version of this forged twitter login page. Look carefully at the URL….

This scam points to the need for caution in following “shortened” links and to the need to Think B4 U Click! This scam is designed to make you so happy that one of your twitter contacts has posted a picture of you that you’ll just react by clicking the link, thinking you need to log in to twitter using the fake screen and–boom!–the scammer has captured your twitter username and password.

This scam probably originated with a legitimate account being compromised. Therefore, if you receive a phishing scam like this one, notify the real holder of the twitter account about the phishing attempt.

If you fall for this scam, log in to and change your password immediately. If you cannot change your password because the scammer has already changed it, contact twitter to report that your account has been compromised.

Richard Gordon