SmartName's domains used for twitter phishing attack.

[Mr. Deleted]

VentureBeat — If you receive a direct message on Twitter that says, “lol, is this you,” don’t click it. The link will allow a Twitter phisher to take over your account. The phishing messages look like this: “Lol. this you?? http://divinelink.net/?rid=http://twitter.verify.bzpharma.net/login” Warnings of the attack began circulating on Twitter in the U.S. on Saturday afternoon. “The attack appears to be utilizing the SmartName domain parking service, which allows redirects to third-party sites,” said Jesse Stay, founder of the SocialToo Twitter enhancement service. “The DMs appear in the form of a legit URL, followed by something to the effect of ?rid=http://twitter.verify.bzpharma.net/login in the URL. Those URLs redirect to the latter URL, which is a phished site that looks like the Twitter login page.” Stay was happy to point out that SocialToo’s automatic spam filtering for Twitter direct messages blocks the attack automatically for his customers. As of 6pm Central time in Stay’s native Salt Lake City, he said SocialToo had blocked more than 600 of the messages. “To enable the Phishing protection on SocialToo,” he wrote, “users have to either enable the DM E-mails in their preferences (these replace Twitter’s DM E-mails and will be a premium feature in the future), or create at least one DM Filter in their preferences.” “These numbers are still going up as we speak,” Stay added, “so Twitter has still not put an end to the problem.”

I got the DM twice myself

---------- Post added at 02:56 AM ---------- Previous post was at 02:53 AM ----------

http://www.buzzbox.com/mufumbo/MyBuzzBox/2010-02-20/Phishing:Twitter/

 

[Stian]

I got this one yesterday as well. Didn't click the link though, it had phishing written all over it.

 

[Mr. Deleted]

I was hoping Smartname would find out and put a stop to it by at least temporarily changing their code.