The Twitter Status Blog announced today that there is someone trying with a Twitter.com phishing site setup at twitter.access-logins.com. Now the site appears to be working at anything.access-logins.com and shows up with a Facebook sign in page for me. Firefox has already listed the site as web forgery. Of course Twitter posted the blog to warn you not to click through to this site, but it’s mostly important not to fill out your login credentials on the fake Twitter or Facebook page.
If you’re not familiar with phishing, phishing is the process of masquerading as a trustworthy entity in order to gain access to sensitive information. I have to wonder what the people behind this one plan to gain from getting Twitter login/passwords, but I suppose you’d be able to see the victims email address and attempt to use the same password on there as they use on Twitter.com. It’s important to always keep an eye on your address bar when browsing the web and to make sure you’re working through trustworthy sites whenever providing any important information. This particular attempt seems to be tied to another fake site at facexbook.com which was registered in late October and recognized right away as another scam.
There were supposedly direct messages being sent around Twitter trying to lure people into clicking the link, but so far the Twitter Phishing Polldaddy poll that was setup for this issue shows that the majority of people didn’t receive the message. It’s unfortunate that anyone received it at all though. It really is just a sign of how big Twitter has become over a short period of time.