This morning, I received a direct message to my Twitter account. I was initially pleased, as it was from someone I first met through work but hadn’t spoke to in a long time.
Unfortunately, as soon as I saw the content of the message I realised that it wasn’t from him at all, but a computer-generated message.
You look different in this pic http://tinyurl.com/…
The link itself (which for obvious reasons I’m not about to repeat here) led to a web site that was a carbon copy of the twitter.com homepage, complete with login form.
And it’s that last part which is the crucial one. By impersonating a trusted website, it will trick enough people into entering their username and password. And from that, whoever collects that information can do anything they like with your account, from reading potentially sensitive private messages, to sending out DMs or tweets with malicious intent.They could even change your password so that you can’t access your own account. The key is, they will have total access to your account, and can do anything with it – and not only will they not have your own (impeccably high, I’m sure) moral and ethical standards, but it’ll be next to impossible to prove that anything they do wasn’t done by you.