Security experts warn of possible ID theft scam on Twitter
Wednesday, May 13, 2009
A social networking game making the rounds on Twitter has been flagged by security experts as a possible threat to users.
The Twitter "porn name game" may be a ruse to get people to unintentionally reveal their security questions for remembering their passwords. Web security pros said this could leave users susceptible to identity theft or fraud.
A security blogger for PC World pointed out Tuesday that the questions users are supposed to answer to come up with their porn name are actually common security questions, such as "what is your pet's name" and "what is your mother's maiden name."
Security firms have been blasting the warning out since yesterday and Twitter has warned users not to post their personal information - in connection with the #twitterpornnames tag, which makes user posts easily searchable, or anywhere on the site.
This kind of social engineering trick is becoming increasingly common on social networking sites.
Spammers have conned users of Facebook with phishing attacks premised on Wall posts proclaiming that scandalous pictures of the user have surfaced on Facebook and directing users to malicious sites.
Spammers have also sent Twitter messages to users that can contain malicious links. The use of link shortners like TinyURL to fit a link into Twitter's 140 character limit has been used to mask malicious links, security experts said.

|