Twitter Phishing Attack Screenshots

A Mashable post about the Twitter phishing attack going on makes the point that this is a “coming-of-age” for Twitter, in that “nobody phishes where there are no phish to catch.”  Maybe so, but I’m annoyed nonetheless.

Twitter sent out a tweet (if you’re following @Twitter) linking to a blog post about the phishing event.

I’m up to 7 direct messages in the last 24 hours or so.

The blogspot blog used in the following message has been taken down by Blogger:

hey look at this funny blog http://rosalierebyb.blogspot.com/

rosalie

However, the access-logins site is still running, and looks “authentic” for not paying attention.

fixed it.. hehe here is that blog i wanted to show you http://twitterblogs.access-logins.com/login

accesslogins

One commenter on the Mashable article notes that the domain was registered on December 16th, and that facebook.access-logins…. goes to the same site. (Actually, *.access-logins… goes there.) Perhaps the domain’s purpose is its name… to “access logins.”

If you leave off the “/login” on the path, you get a Facebook spoof page:

facebookspoof