12th Apr 2009

Phishing Attack of Stalk Daily Worm on Twitter

There is currently a phishing attack happening on Twitter using the Stalk Daily Worm. It is suspiciously similar to the phishing attacks in January of ‘09. Although the hacker who was also bothering celebrity accounts was apprehended, no one was caught re the two phishing attacks.

I stepped in during the last one, and I’m stepping in now. I am not a Social Media expert, to call me a marketer would send my friends and family into laughing fits, and I am not an IT or any other type of person whose business could benefit from stepping in now. I am an artist and writer. Read and see my work some other time. Right now we have to deal with the phishing. I stepped in during the last phishing attack in January, along with @PawLuxury & we kind of became command central as people reported the news to us & then we Tweeted and it was ReTweeted. [See: Life Lessons Learned from the Phishing Attack on Twitter ]

How it Began is Being Repeated from January ‘09

The last phishing attack began on a Saturday night also. It’s a good night to pick as most of the social media experts, people with large followings, and others that might thwart an attack are not logged in.

Like last time, a seemingly benign site has been promoted for a while. The site currently is promoted as a better alternative to Twitter, where images and more are allowed. It has the words “Stalk” and also the word “Daily” in the URL. I will not give the URL in this blog lest some curious soul clicks it.

How It Works

The last time, people were asked for their Twitter password for an app that had to do with Twitter. I don’t recall the app and it is long gone. This new scheme seems to be viral and manages to get the password. It could get more. We don’t have enough info yet.

Again, like the last time, perfectly wonderful, upstanding Twitter members seemed to be sending messages. Last time the messages changed, but all involved a link, which led to a site asking for info. At that point the real Twitter person was denied access to their account as the phishers took it over to spread their messages. I have heard of one case so far where a Twitter member is locked out of their account, suspect another but have no sure verification as I write this.

What seems to happen is that the phishers get into the innocent member’s account and begin to send out enticing messages about this great new site that is better than Twitter. As much as I like Twitter, it is possible that there could be a better site. However, this one being promoted is a scam and viral.

I do have several absolute verifications from members whose accounts have been used to send out the link to the “Stalk” site.

Last time the phishing attack continued into the early hours of Sunday morning EST when it seemed to quiet down. But then it picked up again late Sunday morning. Then it would ebb and flow, as the phishers found new ways to attack. They promised to give away free iPhones, had messages saying “Your photo is featured on this funny site” (something like that) and more to entice. Right now if it sounds out of the ordinary, beware!

So far what has been reported is that when anyone clicks on the Stalk —Daily dot com site the worm seems to get into their PC, and send out messages from their Twitter ID about the stalk site. It also changes their profile so the stalk dot com site is the URL included, not the Twitterer’s own home page.

What to Do – and Not Do Now

First, do not click on any links that include the word “stalk” or are shortened URLs. If you do not see a full URL with the complete domain name, do not use the link. Personally, until the attack is well over I will not use shortened URLs.

Use TweetDeck or Seesmic Desktop [see Mashable at http://mashable.com/2009/04/08/tweetdeck-vs-seesmic-desktop/] as neither can be influenced with the worm.

Follow my example. I will not be clicking on any links leading to sites I am not familiar with, and certainly not any shortened URLs. I also will not post any shortened URLs. It’s a pain, but it means I will stay safe. You stay safe too.

Help others stay safe. Since last time Twitter did not put out a continuing message about the attack, and has not done so now, there is no reason to think they will do it. We are on our own in the Twitter Village. It is up to us to spread the word. Since many people are away as it is Easter eve, that means that everyone needs to be Tweeting and RTing the news.

We need to keep spreading the info as new people will be logging on and off and may not catch a Tweet about the problem.

There are reports of even looking at profile pages possibly being able to infect PCs.

Why Phishers Phish

The major reason is to get money. Many people still use the same password for many of their accounts—including credit card and online banking.

We have no idea how destructive this current worm is and how much access to data it is capable of gaining. Although you may be smart and use many different passwords, others are more trusting or vulnerable. So we need to keep Tweeting to help others stay safe. It’s called do unto others and it is a major holiday season. So, please, Tweet the news and keep Tweeting!

What to Expect Next

I dunno.

That’s the scary part. No one does. It could be just this one site or it could be more. Last time it was more.

So far I know there were two Twitter ID’s originally involved. Twitter was alerted to one about eleven hours ago and then the second about four hours ago as of the time of this post. Are there others? Odds are yes.

Consider that anyone smart enough to do the coding is pretty smart and can create a good scam. Be safe.

There is no way to be sure that the Stalking Daily worm is only found at one site.

What To Do to Fix Your Problem:

If your Twitter ID is compromised, immediately change your password!

Log back onto Twitter. Send messages out, again and again about what happened & include #phishing and #stalk in them. That helps your own followers who trust you. Hopefully they will not click on that fraudulent Tweet or Tweets.

At #phishing and #stalk you will continue to find the latest updates and news, including newest info on how to fix the problem. Plus there are two links below.

More Sources

Below are links to Mashable’s new post plus two other blogs about the problem that were posted earlier today.

http://mashable.com/2009/04/11/stalkdaily-twitter/

http://aquaculturepda.edublogs.org/2009/04/12/explanation-of-how-my-twitter-account-was-hacked/

http://kodespark.tumblr.com/post/95149076/the-stalkdaily-worm-on-twitter

Final Word

I will update this blog as needed.

Please stay safe & help others do likewise.

Add your experiences & ideas in the comments. Please always include your Twitter ID, for example mine is @judyrey so others can find and follow you!

7 Responses to “Phishing Attack of Stalk Daily Worm on Twitter”

  1. Grizzly Smith Says:

    Helpful info.

    According to the Mashable article (http://mashable.com/2009/04/11/stalkdaily-twitter/) this was written in Javascript, and that the script was hosted at a site other than Twitter.com. So something like the NoScript addon for Firefox should also be some protection.

    Also, it appears to grab the cookie set in your browser when you ask Twitter to “remember me” at your login. Logging out of Twitter via your browser, and/or not using the “remember me” feature, should also help some, I suspect.

  2. Anjul Bamhrolia Says:

    cool info i also post on

    Creator of StalkDaily twitter worm – a 17 y/old kid
    visit —http://currentopics.com

  3. David Niall Wilson Says:

    There’s a bit more.

    First, one of the things it does is to change your “More information” home page link in your profile to a scripted link – this is what allowed it to infect people who viewed the profile of those infected. So…

    To really get rid of it. Clear all browser cache and cookies. Log in to Twitter. In your profile change your home page back to the correct link. Then go change your password.

    Twitter actually got onto this one pretty quick and shut down the leak that allowed it to happen, so I think you’re okay if you follow those steps.

    David_N_Wilson on Twitter…
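
The comment above describes the profile's home page link being replaced with a scripted link that ran for anyone who viewed the profile. As an added example (not from the post, its commenters, or Twitter's code), this shows how a site can validate and escape a stored profile URL before rendering it; the function names and sample values are constructed for illustration.

```javascript
// Added example: hypothetical function names, constructed sample values.

// Escape the characters that can end an attribute value or open a tag.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// "Before": the stored value is pasted into the page unchanged.
function renderProfileLinkNaive(storedUrl) {
  return '<a href="' + storedUrl + '">' + storedUrl + "</a>";
}

// "After": accept only absolute http(s) URLs, then escape on output.
function renderProfileLinkSafe(storedUrl) {
  let parsed;
  try {
    parsed = new URL(String(storedUrl).trim());
  } catch (err) {
    return null; // not an absolute URL at all
  }
  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
    return null; // rejects javascript:, data: and similar schemes
  }
  const href = escapeHtml(parsed.href); // normalized, percent-encoded form
  return '<a href="' + href + '" rel="nofollow noopener">' + href + "</a>";
}

// Audit helper: true if a stored value should be reviewed and reset.
function looksScripted(storedUrl) {
  return renderProfileLinkSafe(storedUrl) === null || /[<>"']/.test(String(storedUrl));
}

// Constructed samples; the second is a generic illustration, not the worm's payload.
const samples = [
  "https://example.com/my-art",
  'http://example.invalid/"><script src="//example.invalid/x.js"></script>',
  "javascript:void(0)",
];
for (const s of samples) {
  console.log(looksScripted(s) ? "FLAG" : "ok  ", JSON.stringify(s), "->", renderProfileLinkSafe(s));
}
```
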

  4. Mikeyy Worm — Easter Attack on Twitter | Art & Inspiration Blog Says:

    [...] [See: Life Lessons Learned from the Phishing Attack on Twitter ] I also helped last night [See: Phishing Attack of Stalk Daily Worm on Twitter [...]

  5. Cleothildee Says:

    i love to Twitter my day to day activities to my friends and followers. Twitter is much better than blogging because it is direct to the point and does not require you to type so many unnecessary words.

    1k

  6. Cleothildee Says:

    i love to Twitter my day to day activities to my friends and followers. Twitter is much better than blogging because it is direct to the point and does not require you to type so many unnecessary words.

    1l

  7. Frans Says:

    Speaking of cracking, http://www.twitter.com got cracked just 2 days ago. It appears no site is safe.
