Be Careful Out There, Twits

To no one’s great surprise, some nefarious jerk or jerks are using phishing attacks to hijack Twitter accounts, possibly as a precursor to stealing online IDs across the board.

If you’ve signed into Twitter the last while, you probably already know the bad guys are up to something. Variations on the message, “Warning! Don’t sign in to fake Twitter.com from a DM. Read more on our blog” have been appearing underneath the latest update on everyone’s profile. But for those as inured to lines of inserted text as they are to contextual web ads, the message might not have gotten through.

Clicking on a link in a message that starts, “hey! check out this funny blog about you…” redirects you to a site where the badness starts.

Which brings us back to one of the primary rules for protecting yourself online, whether you’re on Twitter, Facebook, LinkedIn or just checking your email: Don’t click on suspicious links.

Even if a link is sent to you by a trusted source, the account could have been stolen, so if anything at all in the message gets your Spidey senses tingling, try contacting your friend through another means (ie. Pick up a phone) and see if it’s real.