Twitter embroiled in phishing scam

LONDON - Hackers have targeted social networking website Twitter, "phishing" users' profiles by gaining screen names and passwords through deceptive emails.

A number of high profile Twitter users have been hacked, including Barack Obama, Stephen Fry, Britney Spears, Fox News and the Huffington Post.

Users are sent direct messages from friends inviting them to click on a new website, which links to a counterfeit Twitter login page where the account details are stolen or "phished".

Security experts say the scam raises potential risks due the fact that many internet users use the same passwords for several different websites.

Users with hacked accounts have had fraudulent, often profanity laced updates made in their name.

On Barack Obama's page, a phoney post asked followers to click a link for a survey to win a $500 petrol voucher.

Biz Stone, Twitter CEO, wrote on the Twitter blog: "This morning we discovered 33 Twitter accounts had been 'hacked' including prominent Twitter-ers like Rick Sanchez and Barack Obama.

"We immediately locked down the accounts and investigated the issue. Rick, Barack and others are now back in control of their accounts.

"The issue with these 33 accounts is different from the Phishing scam aimed at Twitter users this weekend.

"These accounts were compromised by an individual who hacked into some of the tools our support team uses to help people do things like edit the email address associated with their Twitter account when they can't remember or get stuck.

"We considered this a very serious breach of security and immediately took the support tools offline. We'll put them back only when they're safe and secure."

Similar ailments have struck social networking sites Facebook and MySpace. Users are asked to click a link sent from a friends infected account, leading to a website which downloads malware to the unsuspecting users' computers.

Twitte the book? Read Gordon's Republic blog post