New Twitter Phishing -jannawalitax.blogspot.com

I read Chris Prillo’s Blog about this and wanted to investigate this even more. When you go to this site it looks like:

http://twitter.access-logins.com/login/ --Phishing site

When you go here the web address is : http://twitter.access-logins.com/login/ and it looks like it was a redirect form the blogspot.com site.   so what I did an experiment and just took off /login/ on the address and this pops up:

Face book fake -- http://twitter.access-logins.com/
[ad#ad2-right]

This website looks to like a facebook website so now you have to ask where is this at: Hunan China.  After I did a whois look up it looks like China is at it again.  These are trying to get on to your account to either spam or use it to get people to install software.   So what are things you can do?  If you have a question about this always check it out.  That is why I like to check everything out with these types of phishing scams.   I don’t know why they want twitter accounts, I just know they are doing this now.   So if you get this message:

hey! check out this funny blog about you… jannawalitax . blogspot . com

Just ignore it and possibly blog the twitter account.  That is probably a bot or someone’s account been hacked and is no longer valid.   I’ll leave that up to you on how you handle that account.   This is to warn people about this account and warn people. Help Protect your password with Roboform, don’t just use one password for all accounts.  It also seems to be possible worm, if you think your infected check out my resource on remove the worm.  Here’s the link to that talks about this being a worm.

Are you worried about your identity?

So after the fiasco of the other day, I decided I will talk about security and why you should worry about new websites that you have never heard of.   People are not worrying about there identity and keeping there identity safe.   You see whenever someone signs up to a service without thinking about their password being stored or even used maliciously.   You see when most people don’t use more than one or two passwords for all there accounts and then you use the same password with a new website.  Are you asking for your identity to be stolen?  In one of my previous blog posts I talked about not having any privacy on the internet.

So How can you protect your privacy?

When ever I come across a site that I don’t know about and I want to protect my account from being compromised I find out what I can from several places:

  1. [ad#ad2-right]Google — Yes this is quite common to use to find out about what people are saying asking the keywords like is it a scam or what people are saying about the site?  This can be very useful to make sure I don’t get scammed by a company for instants the Nationwide marketing scam.  Although this is really important when you get things that sound questionable.  This can be very useful with regards to keep your wallet safe.
  2. Whois Network — If there is a site you’ve not heard about and have a question about it you can always do a whois lookup.   This is a great resource for finding out how long the site has been up and who owns it?  The problem with this is most people who have a website aren’t worried about security and privacy.   So you make sure this site isn’t a phish site or to make sure the site isn’t being used improperly.
  3. Sitetiki —  a good site to do some research.   It’s a wiki like Wikipedia but for websites and if they are good or bad.  It also has a spammer list for people to watch and make sure not to go to.  These sites are usually redirect spam sites uses for email.

What about Personal privacy?

With this I also want to talk about security online to prevent people from gaining access to your accounts online by guessing the password.  Some sites also like to phish for your account information and use the information gained to take control over your account so here are some useful links to help protect your account information:

  • [ad#cricket-right-ez]Roboform — This is good for generating a really good random password and remembering it.  This will keep people from guessing the password and also make it easy to come up with another good password.  This will also fill out the required site forms that usually use to sign into website.
  • A good VPN Service —  If your like me and you have to use free wifi from time to time and want to make sure you have privacy on the net.  This is good for security on any open wifi network and you don’t want to have anyone watch you while your browse online.  In case someone is interested what VPN’s are used for here is the link to let people understand it better.
  • Perfect Paper Passwords — This is coming from Security now Episode 115 and he talks about this to better help people make the best possible passwords.  Listen to it and it will help you understand more about security.

These are just a few ways to prevent people from gaining access to an account.   After doing some research on this and thinking about this in bigger detail.   I would like to make a public apologies about the fiasco yesterday and what happened.  In all truthfulness everything didn’t seem right with the doings of the going on with website.   I also was worried about the twitter spam it was sending out as you started the service.   I didn’t know until later that it was a real person trying to make a product twitter users could really use.   I have learned from my experience and I will work harder next time and not be so quick to act next time.   If I was the company that bought that site, I’d also offer a job to both of them for being intuitiveness on coming up with a really good product.

Twitter Spam bots are hot to trot: http://gentai.com/revenge1

Ok so I was curious why I all of the sudden got people joining my list. each one I look at just to see who these people are have only one twitter message saying this from two different accounts:

twitbot3

and this one also

twitbots2

and once you click that link it takes you to this website and see what they want you to do:

twitterbots

These people are trying to get you to click on there links and [ad#ad2-left-1]get you give them email accounts.  This has been socially engineered to look like it is real.  I gave them a 10 min email account to see what they sent me.  It was a link to there porn site.  Wanting me to give them my credit card or checking account information and to join there site.  I don’t think so, not this old dog.   Anyways if you get this spam from a user you might just want to block these people.  Some of these people have followers.  Hmm I don’t know about these people.  I guess they want you to send an email to other people to spam them also.  How nice of them to social engineer this scheme so you can make your friends and family mad at you and probably not even talk to you.   So that is why it is good not to auto-follow people when they subscribe to your twitter account.   Some people have that set.  Some people just don’t learn. I am sure some people will like this site for other reasons but please don’t spam people with this little site. Please don’t put people on that list.

Loic don’t depend on that “authority” site, it’s not all it’s cracked up to be!!

In my most recent post Loic was wanting to be able to search by authority and be able to find information that is really high on “authority”. I will guess he is happy with “Twitority” because now you can search base on the so called “Authority”.

[ad#tmi-right-1-1]I say this will not show the really juicy stories out there. You see, most really good juicy stories might not be picked up by twitter for a few to a couple hours. If you want to find the really good stuff on twitter you won’t find it with authority but by the people who might not have any or little authority.

So if you think Authority is all that and more, I say it’s nothing to “write home about”. I just worry people will see this and start flocking to this system. Once people start searching by authority that will get people to want to be higher on this so called authority idea. So what will happen, people will want to get more authority and possibly buy Authority. This is a far far possible outcome of having this so called authority.

[ad#cricket-1]I don’t think it will happen once people see how flawed it is and see it. They will flocked to something else, you see that all the time on twitter. I will wait judgment on this new site and see how it goes but I don’t think it will work. One thing I wonder is the how this site will keep going with it just been created so rashly and without much thought. There has to be a revenue stream coming from somewhere? Could of been Loic who made the VC happen? I’ll let you decide for yourself although I think it points to him.

I think Scoble is thinking the same thing?  Could of been something to make even more controversy or could it been just happen stance?  What say you Robert?

Scoble is Right and Arrington, and Loic are wrong about “authority”?

This weekend the blogosphere flared up over twitter having “authority” search functions.  I say this is totally not going to work because some factors.  I am not saying they have the right idea but I do see a really major downfall.   Loic wants to be able to search for content that has more “authority” and because he is looking for good content.   I understand where he is coming from because he wants to look for content for his Seesmic Company.   I can see he wants to find the best videos to offer to his users for his company.  I totally understand and really appreciate that he wants to work for his company.

[ad#cricket-1-1]Now being that Arrington talked about this on Techcrunch, and agreeing with Loic over this.  I have to wonder why he wants to agree.  You see he is also into content and understand that if the “authority” for searches in twitter from his blog post means people will flock to his site and he gets more pageviews.  I say this is the wrong for him to agree because there is nothing going to stop people finding his content.   Also that would mean his blog post would have more “authority” then the common person who might not like this blog post and you wouldn’t see that until you get to the next page or even a few pages back.   So we have these two wanting more “authority” and more content.

Then we have Scoble and his blog post.  Now let’s talk about this from where scoble says it’s a bad idea.  Scoble talks about gaming the system, and if you think back to Digg killing all the high number of members because they were using scripts.  Here we are again with regards to twitter.  Now if we have authority people are going to game the system because no matter how hard we try it will be a competition.

We have botnets and we have bots on twitter.  It really isn’t hard to have a bot on twitter, and that is where we have a problem.  You see if we have “authority” and we want to game the system.  We just have bots with authority and by having other bots subscribe to each other.  There lies the problem.  People will easily be able to game te system and create even more trouble finding the content they are so dearly looking for.   Now I don’t usually get into the whole “he’s right and he wrong” disputes but this one has to be brought to people attentions.

I say this when did “Authority” stop people from talking about the really important stuff happening in the world.   We have people from Friendfeed talking about this and we have people from twitter talking about this als.  Loic and Arrington need to learn content isn’t hard to find, it will always be there.  You just have to open your eyes to see.   The way I see it, we have a coin and we have the good and bad.  We should just keep the bad out of there and keep the good stuff we already have.   This goes in the bad idea bin for the time.