If you start seeing a message in your Twitter feed claiming that Twitter has released an app that tracks your stalkers, don’t believe it. It’s nothing more than a phishing scam, albeit a convincing one.
The message reads “Twitter finally released an app that tracks your “Stalkers” get it here [LINK]“.
(Please note, I’ve removed the link from the above Tweet. In an effort to keep this scam from spreading around Twitter)
If you click on the link in the tweet you’re greeted with an official looking Twitter authorization page, but looks are deceiving. The page asks you to confirm your username and password before you can “Find out who is stalking your Twitter”.
Take a closer look at the address bar. Sure, the page looks legit, but the URL quickly gives it away. The page isn’t hosted at Twitter, and features “XXX” in the link (always a dead giveaway).
Graham Cluley, of Sophos, gives us some good information and tips pertaining to this phishing scam:
“If you make the mistake of entering your username and password then you will handing over the keys to your account to phishers, who would then be able to use your account to read your private messages, send messages (perhaps spam-related or containing malicious links) to your followers.
Worst of all, if you’re one of those people who uses the same password as you use elsewhere on the internet – you’ve now told the cybercriminals how to access, say, your Gmail, Hotmail or PayPal accounts as well.
If you found your Twitter account was one of those sending out the phishing messages, or if you made the mistake of entering your username and password, then you must change your password as soon as possible.”
Hopefully Twitter will get involved and start auto-removing these posts before this spreads any further.