Tuesday, March 18, 2014

You Were Mentioned In A Tweet Phishing

Tweeter Phishing

This short post dedicated to tweeter phishing attempt that we noticed. It is based on simple re-directs that finally lands on some arbitrary page where your twitter credentials are prompted.

Here is how it works:

The email:

Tweeter Phishing Email
Link re-directs:
  1. po.st/L41lRU - located in US
  2. hxxp://joi.nu/o6j?iewj - located in Germany 
  3. hxxp://103.243.128.145/r/fw1/ - located in Hong Kong
In stage 3 you land in phishing site (see image below) claiming that your session has ended. In order to see that "tempted Tweet" you are asked to enter your Twitter credentials.

Phishing Page


Needless to say, that you should not!

Malware clean-up

Uncovering online threats and hidden malware is easy and effective with Online Malware ScannerHowever, if you suspect that your website was infected, use Website Anti-malware Monitoring for malware removal.

Alternatively, you can try to remove malware using Quttera's website scan report. You will then need to submit your website(s) for re-testing and removing from blacklist.