Fake Twitter email opens door to hackers
Twitter users, think twice before clicking on that supposed confirmation email —it may get your computers hacked.
A security vendor on Wednesday night said the email will bear a spoofed Twitter email address, with the subject "Confirm your Twitter account."
"Please confirm your Twitter account by clicking this link ... Once you confirm, you will have full access to Twitter and all future notifications will be sent to this email address ... The Twitter Team," security vendor GFI Labs said in a blog post.
GFI said all links in the supposed Twitter confirmation email point to a Web page that appears to be a compromised account on ZENphoto.
ZENphoto is a blog and media platform that is quite similar to WordPress, it said.
Users are then redirected to a Russian website that contains a Blackhole exploit kit, which in turn deploys other exploits that target one- to six-year old Adobe Reader and Adobe Flash vulnerabilities.
GFI also advised website owners to update their plugins and applications to keep from getting hacked.
"It is equally important that they update all software installed on their systems to prevent further exploitation and infection," it said. — TJD, GMA News
Talk of the web