Sophos warns of ‘Twitter petition’ designed to steal users' passwords
Twitter users, beware of a so-called petition claiming the micro-blogging site will start charging for its services starting October â itâs just a phishing scam. In a tweet, Twitterâs trust-and-safety account warned that the supposed petition is fake and will attempt to steal the prospective victimâs password. âSeeing Tweets that you need to sign a petition to keep Twitter free? Don't click. It's fake and will steal your password," it said. Computer security firm Sophos added the scam is now making the rounds online. It added it appears that the Twitter team is having partial success extinguishing this new threat. âThe tweets being sent out read âTwitter might start to charge in October, sign this petition to keep the service free!â" it said in a blog post. Meanwhile, Sophos warned against tweets using URL shorteners, and advised users to double-check the short URLs at longurl.org. It said one such shortened URL led to ltittier.com, a ânear-perfect duplicate" of the real Twitter site â but was registered on a Chinese DNS server. âThe site is a near perfect duplicate of the real Twitter login site, and it masquerades as a message that your session has timed out. You will need to âre-authenticateâ and hand over your identity to the criminals immediately," it said. â LBG, GMA News