Setting up Email Filters for Twitter Phish — Getting Phishing out of the way

Ok So we’ve all had the problem of having to deal with this twitter phish, and you can see there are more and more twitter spam.

So how do you start Filtering out the Bad twitter spam?

I’m using Mozilla Thunderbird so this will not be a complete way for people who use other email software.

Select Tools and then Message Filters

Once You find your way to this menu you would click new and then you do this:

To get here in Thunderbird Tools From the Menubar and select Message Filters

Now once you’ve named your twitter filter, I named it “Twitter Spam” but you may name it whatever you would like.   I then selected to “Match all of the Following”, if you don’t do this it will send all direct messages to your spam folder.  You’d get no direct message from anyone about anything.   I told the filter if it was from “*@postmaster.twitter.com”.   Once you done that you would click the plus sign to add [ad#ad2-right]another row and then I selected the “Subject”.  I selected that to filter whatever is in the subject body of the message and filtered for “http://*.access-logins.com”.  Then I clicked Move Message to Spam Folder.  You can move it to your own twitter spam folder, it is just nice to move it away from the important stuff.   You also if you like can Mark it as read also by clicking the Plus sign and selecting “Mark as read” so that you don’t have to worry about reading each and every one.   For people who are wondering the Asterisk is a Wild Card which means it does not matter what is in there that is import to prevent getting spam from people you know or from sites you know are phishing.

Some people might like to do this for Google Mail and I see no problem in people doing this before you even get the email but if you’re not using Google mail and would like to do this for your email hosting account by all means follow these steps and you shouldn’t get much phish direct messages.  I will say if they us another Free hosting account you’ll get it for the time but it won’t be constant.   I hope this helps people get this out of there way.  Soon this will be in the past.

If you suspect you will get more blogspot.com links also you can set up a seperate filter to filter for “http://*.blogspot.com” just follow the instructions just like you did but use that instead of the other internet address.  I’d also tell people to not Direct message you about a site  if it is important to look at to reply to you but don’t direct message you. 

New Twitter Phishing -jannawalitax.blogspot.com

I read Chris Prillo’s Blog about this and wanted to investigate this even more. When you go to this site it looks like:

http://twitter.access-logins.com/login/ --Phishing site

When you go here the web address is : http://twitter.access-logins.com/login/ and it looks like it was a redirect form the blogspot.com site.   so what I did an experiment and just took off /login/ on the address and this pops up:

Face book fake -- http://twitter.access-logins.com/
[ad#ad2-right]

This website looks to like a facebook website so now you have to ask where is this at: Hunan China.  After I did a whois look up it looks like China is at it again.  These are trying to get on to your account to either spam or use it to get people to install software.   So what are things you can do?  If you have a question about this always check it out.  That is why I like to check everything out with these types of phishing scams.   I don’t know why they want twitter accounts, I just know they are doing this now.   So if you get this message:

hey! check out this funny blog about you… jannawalitax . blogspot . com

Just ignore it and possibly blog the twitter account.  That is probably a bot or someone’s account been hacked and is no longer valid.   I’ll leave that up to you on how you handle that account.   This is to warn people about this account and warn people. Help Protect your password with Roboform, don’t just use one password for all accounts.  It also seems to be possible worm, if you think your infected check out my resource on remove the worm.  Here’s the link to that talks about this being a worm.