Twitter to remove accounts of cryptocurrency scammers

Twitter is cracking down on cryptocurrency scammers and is taking steps to reduce the number of such scams. This comes after a number of accounts impersonated Elon Musk, Vitalik Buterin, and John McAfee to dupe users into sending them small amounts of cryptocurrency.

The impersonators would deceive other Twitter users by using tactics such as misspellings in the username or using the same or similar avatar to fool users.

They would tell followers to send them small amounts of cryptocurrency and would promise in return to send a bigger amount back.

In February, Buterin tweeted to his followers that if they sent him 0.1ETH, “I will send you nothing because I am too lazy.” Scammers, in reply, took the opportunity to ask users to send them small amounts of ethereum.

In response to the scammers impersonating Buterin, he took to Twitter to negate the rumours:

A Twitter spokesperson said, "We're aware of this form of manipulation and are proactively implementing a number of signals to prevent these types of accounts from engaging with others in a deceptive manner."

Twitter Spammers abuse Google search

We reported few days ago about a new spam campaign that abuses open-redirect vulnerability in popular websites including CNN, Yahoo and

Today, Security researcher Janne Ahlberg discovered another spam campaign that abuses the google search to spread the scam websites.

"check google hxxx:// Pounds … and learn the right way to reduce 20 lbs in less than 29 days" One of the spam tweet reads.

"see google hxxx:// … and find out the best way to lose 22 lbs within just 29 days" another tweet reads.

"lol already lost 4 pounds in 5 days!! that web page I found at google hxxx:// … is truly beneficial"

Unlike the previous spam campaigns, cybercriminals lure victims to visit their site by tricking them to look at the Google search. The spammers cleverly used the "site:" keyword to restrict the results to the specified domain.

"site:" is keyword to search only in a particular site and list all the results for that site.  For eg: "spam" will find pages about spam within

So, when a victim follows the link, he is only going to see the results from the spammers website.  The technique helps cyber criminals to bypass the malicious URL filtering.

McDonald’s Gift Card Spam on Twitter redirects to adult dating site

TrendMicro have spotted a Twitter spam touting “gift cards” at the tail-end of the gift-giving season. These tweets has shortened URL with the strings "#mcdonalds gift card."

McDonald’s is a globally well-known fast food chain that, like many other establishments, do offer certificates and vouchers for patrons who would like to give these as gifts or rewards.

Unfortunately, This is not gift card from McDonald , it is one of Twitter Scam that lands you in Adult Dating site.

TrendMicro consider the URLs used in this attack as malicious because of the deceitful nature by which they are used. The lure “#mcdonald’s gift card” would have definitely led several users to believe that some gift certificates or vouchers are being given away or discounted.

A couple of weeks ago of weeks ago in the US, attention was drawn to a Mystery Santa who donated $500 worth of gift cards from McDonald’s to a nearby homeless shelter. Whether or not cybercriminals got a social engineering idea from this cannot be confirmed, but in all cases users are advised against clicking on links without first inspecting them. In this case, hovering on the link would have given users a clue about how to proceed.

Findout who Unfollowed you : a New Scam hits Twitter users

Twitter users hit by a New Scam that use traditional method. TrendMicro find and blocked this scam already.

The Scam tweet:
"32 ppl unfollowed me.want to find out who unfollowed you? Find out here"
This scam asks you to click the link in the tweet. If you click the link, it will bring you to the a page that claims as “Followers Monitor”. This page asks you to authorize application to use the Twitter. If you give access to twitter, the scammers start to spread the spam with your twitter account.

The choice of hashtags used by this attack was harvested from the trending topics seen overnight. Some were related to the Monday Night Football game which was airing (and trending) at the time this attack took place, while others were more random, as can be seen above.

Security Tips:
  • Never Click the link , if you got these type of tweets.
  • If you do inadvertently click links like this, you can undo some of the damage by removing the app’s authorization to access your Twitter account. This can be found under the Applications tab of your settings.

Hacked Sky News Twitter account claims Chairman James Murdoch arrested

The official Twitter account of Sky News hacked last night and spreading false tweet message, claiming that Chief Executive and Chairman James Murdoch had been arrested by police in London , according to NakedSecurity report.

The false message cleared but not before other Twitter users had shared it across the network. The @SkyNewsBiz account was later updated to deny the story, and claim that a hacker was most likely responsible.

James Murdoch, of course, has been appearing in the headlines rather than writing them - after being questioned about his company's knowledge of "phone hacking" by the News of the World. A tweet from Sky News - another Murdoch company - claiming that News International's embattled chief executive has been arrested would cause quite a stir.

NBC News Twitter Account Hacked and spreading fake News of 9/11 Ground Zero attack

Hackers named as "Script Kiddies" hacked the NBC News Twitter Account and posted messages claiming that there has been a terrorist attack at Ground Zero in New York.

The bogus messages claimed that Flight 4782 has been hijacked and another plane crashed into the site where the Twin Towers collapsed ten years ago.

NBCNews's Digital Officer Vivian Schiller tweeted confirming that their official account had been hacked, and asked followers not to retweet any of the offending messages.

In a subsequent message, Schiller confirmed that NBCNews was "working with Twitter to correct the problem and sincerely apologize for the scare that could have been caused by a such a reckless and irresponsible act."

The same group previously hijacked and defaced Pfizer's Facebook page and broke into the Fox News Politics Twitter account to post a bogus announcement about the death of Barack Obama.

It is unclear what method hackers used for breaching into this famous twitter account. Hacker group might used one of the following method:
  • Phishing
  • Dictionary Attack on password
  • Spyware
  • Less secure Password
  • Same password in multiple sites.
  • etc...
If you want to Know How to protect from the above attacks , please read our Security Tips Section.

Pictures of Osama Bin Laden Phishing attack on Twitter

Phishing attack is one of the powerful hacking method. It will trick users to enter username and passwords. Today Pictures of Osama Bin laden phishing hits twitter users.

They tweet contains:
Pictures of Osama Bin Laden [Link]

If the users follow the link, it will bring you to the fake Twitter Page(Phishing Webpage). Once you enter the username and passwords, your account will be compromised by Hackers.

If you notice the URL of page, it will be "". It is not twitter website.

If you think your account is hacked by hackers, Change the Password as soon as possible. If you use the same password for gmail and other accounts, change it also.

Security Tips:
Use Different passwords for social networks(twitter,facebook) and mail id(gmail,yahoo).

Twitter Stalkers app Phishing Webpage -Phishing Scam

Today twitter users hit by messages claiming about new stalker app(that will track the profile visitors). They will ask you to click the link to access the stalker app. Then they will ask you to enter twitter username and password in order to confirm. If you enter , yes you are one of the victim.

This is one of Twitter phishing webpage. If you look at the link, it is fake URL. So be careful these type of scams and Phishing webpage.

Want to protect from phishing webpage(identifying) ?
Here is the security tips for you provided by @BreakTheSec
Phishing Protection