Twitter users not laughing at Lol scam

Darren Allan

February 22, 2010

A phishing scheme is targeting Twitter users in an attempt to steal their passwords and use their accounts to spread spam.

The scheme is being referred to as the “Lol” scam, because it is set up with a message which starts with that phrase.

Variants include “Lol, this you?” or “Lol, this is funny”, followed by a link to a fake Twitter login page.

Upon entering their login details, the user is shown a page saying that Twitter is over capacity, before being returned to the main site.

Of course, their details have then been phished and stolen, although they might not even realise it.

According to security firm Sophos, the spammers behind the scam are now using the compromised accounts to promote their herbal viagra.

While Twitter says that the phishing scam is only being propagated by direct messages, Sophos states that the links are appearing in public Twitter feeds due to services such as GroupTweet.

So be careful what you’re clicking on. If you think, or you know, that you’ve fallen victim, obviously you need to change your password immediately.


Comments in chronological order (2 comments)

  1. Nina Greaves says:

    We had numerous LOL Direct Messages, all sent around 6am this morning, fortunately we didn’t click any of them as only DMs we are expecting get click throughs.

    Mashable has commented further on how this has spiralled into a Viagra spam wave.

  2. Mike says:

    I hate to say it, but anyone with an ounce of common sense can spot these things these days. The same kind of trick has been used on IM programmes for many years now, they’ve gone round email, they’ve gone through all the big online games. I’m unsurprised that someone’s designed a Twitter one - but slightly surprised people are falling for it!

    REMEMBER: BEFORE ENTERING A USERNAME AND PASSWORD, CHECK THE ADDRESS BAR TO MAKE SURE YOU’RE AT THE CORRECT SITE! It takes half a second, and saves a lot of pain and misery. When will we learn?

Post a comment

Your email address will not be published. Required fields are marked *

Visited 10672 times, 1 so far today