Update: Graham Cluley’s issued a blog post a couple of days ago suggesting that so far, at least some of the phishes described in our earlier blog about Twitter phishing have been used for old style defacement purposes rather than out-and-out fraud. (I suspect, though, that now this latest phishing genie is out of the bottle, there will be fraud…)
There has been a further development though: in a further blog, Twitter reported that the 33 compromised accounts owned by Britney Spears, Barack Obama, Rich Sanchez et al. were subject to a hacking attack, nothing to do with the phishing attacks reported below.
There have been unkind words on some specialist lists about Twitter’s competence: all I can say is, that for an organization that seems to be having a pretty bad year so far, they are making a serious effort to acknowledge and address their security problems, and deserve credit for it.
Author David Harley, ESET