I had a direct message from a friend on Twitter today asking about a direct message she’d had from someone she followed. The direct message said:
“Someone said this real bad thing about you in a blog….[link removed]”
If you click the link, it takes you to a website at tnijurl.com and then to a ‘Twitter login’ page at berichtenversturen.com, which appears to be the twitter.com front page but is not. The domain name berichtenversturen.com was registered in China in November 2010. tnijurl.com was registered in Poland.
The direct message is a ‘phishing scam’ aimed at stealing your Twitter login details. I wrote about these scams back in February 2010, with links to some useful Twitter resources about keeping safe.
Twitter has a very useful help page about problems with phishing and hacking. A good place to start is here: Safety: Keeping your account secure.
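The check that matters before typing a password is which host is actually serving the login page, not what the page looks like. The sketch below is an added example, not part of the original post: it applies that check to the redirect chain described above. The trusted-host list, the https requirement, the function names and the placeholder link path are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the only host family allowed to show a Twitter login form.
TRUSTED_LOGIN_HOSTS = {"twitter.com"}


def login_host(url):
    """Return the lower-cased host a browser would actually connect to."""
    # .hostname drops any "user:pass@" prefix and the port, so a URL such as
    # https://twitter.com@other.example/ resolves to other.example.
    host = urlsplit(url.strip()).hostname or ""
    return host.rstrip(".").lower()


def is_trusted_login(url):
    """True only for https URLs whose host is twitter.com or a subdomain of it."""
    if urlsplit(url.strip()).scheme != "https":  # assumption: require TLS
        return False
    host = login_host(url)
    # Match on a label boundary: "twitter.com.evil.example" and "nottwitter.com"
    # both contain the string "twitter.com" but are different sites.
    return any(host == t or host.endswith("." + t) for t in TRUSTED_LOGIN_HOSTS)


def review_chain(chain):
    """Summarise the hops followed after a click and judge the landing page."""
    landing = chain[-1]
    return {
        "hops": [login_host(u) for u in chain],
        "landing_host": login_host(landing),
        "safe_to_log_in": is_trusted_login(landing),
    }


# Constructed sample: the two domains named in the post; the path is a placeholder
# because the original link was removed.
DM_CHAIN = ["http://tnijurl.com/PLACEHOLDER", "http://berichtenversturen.com/"]

# Constructed look-alike forms of the same trick, plus two genuine-looking URLs.
SAMPLES = [
    "https://twitter.com/login",
    "https://mobile.twitter.com/session",
    "https://twitter.com.berichtenversturen.com/login",
    "https://twitter.com@berichtenversturen.com/",
    "https://nottwitter.com/login",
]

if __name__ == "__main__":
    print(review_chain(DM_CHAIN))
    for url in SAMPLES:
        print(is_trusted_login(url), url)
```
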
DianaCelella says
Once again a very informative blog, being reasonably new to twitter I find these blogs really helpful.
Charlie Bailey says
Thanks for the info – I’ve been hit with this twice in the last ten minutes.
Peter L Masters says
Quick work Sue, thanks for letting people know about this, I got this over the weekend, very sneaky.
Best regards, Peter
hannamay says
I have experienced phishing on Facebook. I recovered it after 3 weeks. I found out someone was using my account. It made my account safe for that. Thanks for an informative post.
Su says
Thanks for the comments everyone.
I notice there have been some new variants of the DMs – such as:
“Did you really say this about me? one of your followers sent me this..”
Su says
UPDATE:
Two recent new phishing messages:
“Found you in this funny picture”
and
“ROFL this pic i found of you had me dying lol”
Don’t click the links, tell the user about it and what to do, thanks.
Su says
And another phishing message on twitter just arrived now via DM:
“Someone is posting a pic of you all over twitter ;( link2pic here:”
Su says
Today I’ve been getting phishing messages saying:
“ROFLMAO i can’t stop laughing at this pic of you…”
and
“lmao this video of you is funny as hell, im sharing it with everyone”
Julia Winston says
Yup, they got me too 🙁 I’ve clicked the link :(( 2 times :((( for my 2 Twitter accounts :(((( I’ve changed both passwords :((((( Do I need to change my other passwords for other accounts (like FB) concerning this e-mail ?????
Hellllllppppp !!!!!!!!
Su says
Hi Julia,
If you are using the same password elsewhere it might be wise to change them, but the main procedure is here:
https://support.twitter.com/forums/10713/entries/31796
The important thing is to revoke access on your account to applications that you have allowed to log in. This might include applications like Hootsuite and Tweetdeck for example, or analysing sites you might use like Peerindex or Klout. Have a look in your settings (top right at twitter.com, click on your avatar to see the settings in a menu). One of the tabs in your settings is called ‘Applications’, which lists those you have given access via Twitter’s OAuth protocol to access your site without your password.
Once you have changed your password, revoke access to the applications listed here (the wise thing to do is list them all, then revoke access to all, then re-permission those you use as you need to). This way your new password is protected and if a hacker has used an application to steal access to your account they won’t be able to because you revoked access AND changed your password.
Hope that helps.
nancy says
I have been a fan of this blog site. And this post is simply great!!
Su says
Another version of the phishing direct message arrived over the weekend in droves:
“This made me laugh so hard when i saw this about you lol”
If you find yourself sending these messages, don’t forget to revoke access to applications as well as changing your password on twitter. Both can be done via the settings on http://twitter.com/settings/account
Su says
Just got a new twitter phishing direct message:
“Top 15 Funniest Things!! [link removed]”
The same account had a public message:
“Are you serious about weight loss? Read this article ASAP!”
If one of the people you follow sends these messages, do let them know and advise them to change their password and revoke access to applications.
Kristin Johnson says
Have you ever heard of someone getting an email stating: “Hi its me ______ im one of your twitter followers…Someone grabbing your avatar on twitter..I feel everyone desire to imitate your account..I suggest you to inspect his fake twitter here just click the Twitter image…Sorry for my sick english…….”
I recently put my email in a tweet to someone I meant to DM, but just hit reply accidentally. 🙁 I wonder if this is a scam. If it’s not how would I go about finding out if it were true another way?
Thanks!
Kris says
I just got this from a person that I know would never send this out. I let them know they have been hacked. 6 months ago it was done to me with a picture scam! Changed password two times and that cleared it up. Thanks, this time I googled the phrase and found your site.
Kisha says
This is really a great tips.. Thanks for this post! Keep up the good work!
nas says
I’ve been getting various “im one of your twitter followers” spam emails, and I now recall accidentally @replying someone my email instead of DMing it. I deleted the @reply seconds after realising, but I guess it’s too late.
Something worth noting is that it’s always from @yahoo accounts. So I just set up a blacklist filter for from:@yahoo and contains words:twitter.
macaya says
thank you may god bless you!
Okna says
Can I simply say what an aid to seek out someone who really knows what they’re speaking about on the internet. You undoubtedly know how to convey an issue to gentle and make it important. Extra people must learn this and perceive this facet of the story. I can’t consider you’re not more well-liked because you positively have the gift.
very good submit, i definitely love this web site, keep on it