Journal

Phishing on Twitter

It is a rare occurrence that I would stumble across a timely topic. However, it seems that my academic hypothetical discussion has turned into a real world threat. I've been working all day and I finished eating dinner when I see the warning issued by Twitter. The questions that I asked from the last post really seem to hit home. So, I felt that a quick response would be appropriate. (Man, 3 posts in one week!!!) The question of "do identity thieves twitter?" seems to be yes after this threat hit the network. Even though it was using the oldest phishing trick in the book and I hope nobody fell for this trick. But, I believe this is a scary point in the microblogging phenomenon. I gotta believe this is the first step in more sophisticated attacks on identity in the Twitter network. Because it is really easy to post information in this format, we can accidentally expose information that could be a treasure trove for social engineers and identity thieves. This would expand the damage that can be caused by black-hat Twitterer from harmless to harmful. The purpose of this post is not to scare anybody. The purpose is to create awareness about this situation and I hope people will be more careful about what they say on a microblog.

One More for the Road...

Twitterkins lead me down another thought path when he tweeted me "who'd impersonate me when they'd gain nothing? Do identity thieves twitter? Like, to make it 'look good?'" I really don't have a good answer to this question. Also, I figured that this question deserved more than a simple 140 character answer. So, I figured I would poke this topic one more time to see where it leads. I have to preface all of these statements by saying that Twitterkins is Paul F. Tompkins. He seems like a nice guy and technical whiz. First, it's pretty obvious that spam has appear in the Twitterverse and other microblogging communities. The question that comes to mind is why spam when the spammer has nothing to gain. Could it represent something viral? Could it make the spammer feel that they are control of the network by feeding it information or misinformation? Could it make the spammer feel that he or she lead the network to another source that could make the spammer money? Being a sociologist, I can not speak on motive. I can argue that it depends on the type of community, the information being shared and where the links used by the spammer take the community member. Second, let's approach the second question asked by Mr. Tompkins, "do identity thieves twitter?" I would focus on the term "identity thief." According to the wikipedia, an identity thief is anybody that uses fraud to "stealing money or getting other benefits by pretending to be someone else." So, yes there are identity thieves in the harmless sense on Twitter. I can interact (and have had conversations) with the characters from the West Wing, Studio 60 and Mad Men. I doubt that the actor or actress who plays those characters are typing the Twitter posts. The benefit to those playing the characters on Twitter is that they get to play the characters they see on television. Mr. Tompkins is a famous cable show and someone could want to "play" PFT. Others have done research on being a "fakester" by adapting another persona. I have not research on this subject nor read deeply this research. The question I have is "is somebody using Twitter for a more harmful purpose (stealing money from others, causing harm)?" I doubt it, but I can't speak for certain.