The Phisher Kings


A fellow meteorologist from Houston sent me a direct message yesterday afternoon via Twitter.

Bad blog going around about you, have you read it yet? http://t.co/T***48

People have said bad things about me, but there was a suspicious odor to his tweet. I’m curious by nature and clicked. I ended up on a Twitter error page, but of course it wasn’t! It looked like Twitter.com, but it was actually an inside page on Twittelr.com¹.

You’ve probably seen this before. The Twittelr site is designed to make you think you’re on Twitter and need to log in. If you do, you give the phisher your credentials. Don’t expect a thank you note!

I wouldn’t be writing about this but for one small point. Lots of the files these crooks use are hosted by Twitter. Every image and all the CSS files are on Twitter’s servers. They can’t stop the phishers, but they could make their job more difficult. They don’t. Why?

Why doesn’t Twitter limit these hallmark items only to requests that come from their own server? That’s a very simple thing to do.

If the Twittelr folks had to serve their own images and CSS it would increase their bandwidth requirements. It might cost them money and change the economic model of this scam. It might slow them down.
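The same Referer header that would let an asset server refuse these requests also shows up in its access logs, so hotlinking by a lookalike domain can be spotted as it happens. The sketch below is an added example, not anything Twitter runs: the log lines, paths and the `.example` host are constructed, and the two-edit lookalike threshold is an assumption.

```python
import re
from urllib.parse import urlsplit

ALLOWED = {"twitter.com"}  # assumption: the asset owner's own domain(s)
LINE = re.compile(r'"(?:GET|HEAD) (?P<path>\S+) [^"]*" \d{3} \S+ "(?P<referer>[^"]*)"')

# Constructed access-log lines (combined log format) from a static-asset host.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Jan/2000:10:00:01 +0000] "GET /img/logo.png HTTP/1.1" 200 5120 "https://twitter.com/home" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2000:10:00:02 +0000] "GET /css/main.css HTTP/1.1" 200 9000 "http://twittelr.com/login" "Mozilla/5.0"
198.51.100.7 - - [01/Jan/2000:10:00:02 +0000] "GET /img/logo.png HTTP/1.1" 200 5120 "http://twittelr.com/login" "Mozilla/5.0"
192.0.2.44 - - [01/Jan/2000:10:00:03 +0000] "GET /img/logo.png HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.9 - - [01/Jan/2000:10:00:04 +0000] "GET /css/main.css HTTP/1.1" 200 9000 "https://twitter.com.evil.example/x" "Mozilla/5.0"
"""

def edit_distance(a, b):
    """Levenshtein distance using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(referer):
    """Return (verdict, host) for one Referer header value."""
    if referer in ("", "-"):
        return "no-referer", ""  # direct loads and privacy tools send none
    host = (urlsplit(referer).hostname or "").rstrip(".")
    # Exact match or true subdomain only; a bare suffix test would accept "nottwitter.com".
    if any(host == d or host.endswith("." + d) for d in ALLOWED):
        return "own", host
    # One or two character edits from an owned domain (threshold is an assumption).
    if any(edit_distance(host.removeprefix("www."), d) <= 2 for d in ALLOWED):
        return "lookalike", host
    return "third-party", host

def hotlink_report(log_text):
    """Map each foreign referring host to its verdict and the assets it pulled."""
    report = {}
    for line in log_text.splitlines():
        m = LINE.search(line)
        if m:
            verdict, host = classify(m["referer"])
            if verdict in ("lookalike", "third-party"):
                report.setdefault(host, {"verdict": verdict, "paths": set()})["paths"].add(m["path"])
    return report

if __name__ == "__main__":
    print(hotlink_report(SAMPLE_LOG))
```

A missing Referer is left alone because refusing it would break legitimate visitors. A phisher can still copy the files to their own server, which is the extra cost the post describes.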

Twitter is an enabler.

Meanwhile this site has been up for a while. It was registered September 23. It has been live with this scam since at least yesterday, hosted by bizcn.com in China.

Why hasn’t it been shut down?

Here are the published details of Twittelr.com. They may or may not be true.

Domain name: twittelr.com

Registrant Contact:
zhang yu
yu zhang sdfgsdfghf@msn.com
0463965823 fax: 0463965823
changhailu12hao
nanning guangxi 230254

¹ – In the interest of security I’m not going to actually show any of the bad URLs here. Twittelr.com by itself leads to an error page with Chinese characters.

4 thoughts on “The Phisher Kings”

    1. I suspect his account had been compromised. He didn’t personally send it. However, a ‘hacked’ or compromised account is nearly always traceable to someone falling for a phishing scam themselves.

  1. I hate this scam for 2 reasons. One being that it wrecks your account, and the second being, it wrecks your reputation. That nice guy you connected with 2 days ago seemingly sends you this message, and you immediately think he’s some sort of shark, when in fact he has been the victim of hacking. Hope your friend gets sorted.
