“Hello my name is Casey Cheshire and I avoided a Twitter Virus”
As soon as there are innovations in the world, there’s usually a flock of folks looking to exploit any weaknesses that may be present. Twitter is no exception, as I learned recently.
It all began when I received a DM (Direct Message) from someone I was following. You see, Twitter was smart and only allows people who are both following each other to exchange DMs. This makes sense. You can follow Bill Gates and @ Reply him but not send him an email-like message. The difficulty with this is that a lot of people (myself included) tend to follow those who follow them. It’s like shaking hands. Is this a strict rule? Of course not.
So here I was, minding my own business on Twitter when…
I received this Direct Message:
Looks unassuming and like a link to what you might think would be a photo of you on the internet. Makes you start thinking: “Oh jeez, what kind of photo have my friends posted?”
Notice the link is to “dwarfurl.com” and it looks like one of the many URL shortening sites (that turn a long link into a short manageable one). Lo and behold, it is just that! It’s where the link takes you that you should watch out for, and the reason they used a URL shortener in this case is not to shorten but to hide!
The short link takes you to: http://twitter.expressplacement.com/ (don’t go there)
And this is what you see:
It looks *just* like the sign-in page at the real Twitter.com, but it’s not. They want you to be fooled, so they include the copyright notice and all of the standard links and graphics. It only looks like the sign-in page; it’s really ExpressPlacement.com (evil twitter destroying empire?)
The unsuspecting person would see this and think that perhaps they were logged out of Twitter (if they were using Twitter on the web already).
If you log in (and give Express Placement your information), guess what it does? It sends out the same Direct Message to everyone that YOU follow/follow-you. This is just like your basic computer virus, except that it exists solely on the Twitter interface.
Update: Kudos to the team at Firefox (the browser I use) and a few savvy folks who reported this page. If you click the link now you’ll see this:
It’s a middle step to warn anyone accessing that address that the website you’re about to view has been reported to be a website that pretends to be something it’s not. Awesome! This should prevent most folks from using this link now. Keep in mind it took a few days for this to go up, and when I first clicked it I went to the actual page.
Knowing how to spot forgery sites, on and off Twitter, will save you and your friends a lot of trouble!
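The check that exposes this forgery, written out as an added example (not part of the original post): read the host name from the right-hand end and see whether it really ends in the domain the page claims to be. The `example.net` and `nottwitter.com` URLs are constructed samples; only the expressplacement address comes from the post. Because a short link hides its destination, apply the check to the address shown after the redirect.

```python
from urllib.parse import urlsplit

EXPECTED_DOMAIN = "twitter.com"  # the site the sign-in page claims to be

def host_of(url):
    """Return the lower-cased host a browser would connect to, or None."""
    try:
        host = urlsplit(url.strip()).hostname  # drops user@ prefix and :port
    except ValueError:
        return None
    return host.rstrip(".") if host else None

def belongs_to(url, domain=EXPECTED_DOMAIN):
    """True only if the host is `domain` itself or a subdomain of it."""
    host = host_of(url)
    if not host:
        return False
    # Ownership is decided by the right-hand end of the host name,
    # so a leading "twitter." label proves nothing.
    return host == domain or host.endswith("." + domain)

def verdict(url, domain=EXPECTED_DOMAIN):
    """Classify a URL as 'genuine', 'lookalike' or 'unrelated'."""
    if belongs_to(url, domain):
        return "genuine"
    brand = domain.split(".")[0]
    if brand in url.lower():
        return "lookalike"  # mentions the brand, but it is someone else's site
    return "unrelated"

SAMPLES = [
    "http://twitter.expressplacement.com/",  # from the post
    "https://twitter.com/login",             # constructed samples below
    "https://Twitter.com./login",
    "http://twitter.com.example.net/login",
    "http://twitter.com@example.net/",
    "http://nottwitter.com/",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{verdict(url):9}  host={host_of(url)}  <-  {url}")
```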
If you know anyone that is new to Twitter or has sent you a DM like the one above, send them a link to this article. If we’re all informed, these annoying scams will be powerless. Know, recognize, and avoid the Twirus when you see it!