Typosquatting attacks are becoming more frequent

Jan 12, 2012 11:09 GMT

Yesterday we saw how twitter.com is the domain most targeted by typosquatters because the company failed to purchase the domain names that customers may type by mistake while rushing to access the site.

A perfect example is tvvitter.com, a site that requests access to your account and then automatically posts a message from it to advertise the StalkTrak application.

The site claims that by signing up you can find out who is stalking you on Twitter and who is reading tweets from your timeline, but it also updates your profile, posts tweets for you, accesses your DMs, sends you text notifications and customizes your Twitter layout.

This basically means that you are handing the account over to someone else.

GFI researchers found that even some celebrities fall for these scams. They came across a tweet in the feed of The Naked and Famous, a New Zealand indie rock band from Auckland, urging followers to find out who’s stalking them.

Fortunately, the malicious tweet has been removed, but these situations are dangerous because celebrities usually have a large number of followers who will most likely click on anything advertised by their favorite stars.

Until Twitter manages to follow Google's and YouTube’s example and purchase all the typosquatting domain names, many of these schemes will persist, targeting accounts and using them to spread malicious schemes.
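Defenders who cannot buy every variant can still flag lookalike hostnames such as tvvitter.com in proxy or DNS logs. The sketch below is an added example, not part of the original article; the confusable-character pairs, the protected-brand list and the sample hostnames are assumptions constructed for illustration.

```python
# Added example: flag hostnames that imitate a protected brand.
# Constructed, non-exhaustive look-alike pairs; brands are those named in the article.
CONFUSABLES = (("vv", "w"), ("rn", "m"), ("0", "o"), ("1", "l"))
PROTECTED = ("google", "twitter", "youtube")

def skeleton(label):
    """Collapse visual look-alikes so 'tvvitter' becomes 'twitter'."""
    for fake, real in CONFUSABLES:
        label = label.replace(fake, real)
    return label

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def classify(hostname):
    """Return (brand, reason) if hostname imitates a protected brand, else None."""
    parts = hostname.lower().rstrip(".").split(".")
    if len(parts) < 2:
        return None
    label = parts[-2]  # assumption: single-label TLD such as .com
    if label in PROTECTED:
        return None
    for brand in PROTECTED:
        if skeleton(label) == brand:
            return (brand, "lookalike")
        if osa_distance(label, brand) == 1:
            return (brand, "one-edit typo")
    return None

def scan(hostnames):
    """Map each suspicious hostname to (brand, reason)."""
    return {h: hit for h in hostnames if (hit := classify(h))}

# Constructed sample, standing in for hostnames pulled from a proxy or DNS log
SAMPLE = ["twitter.com", "tvvitter.com", "twiter.com", "api.twitter.com", "example.org"]
if __name__ == "__main__":
    for host, (brand, reason) in scan(SAMPLE).items():
        print(f"{host}: imitates {brand} ({reason})")
```

A match is a lead for review rather than proof of abuse, since legitimate names can sit one edit away from a brand.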

Users are advised not to trust shady messages that offer prizes, or applications that reveal stalkers or other dirty secrets.

No matter how many surveys you complete, or how many times you hand over your email address or password, you will never win any prizes and you’ll never find out who’s stalking you because all these advertisements are fake.

On the other hand, you can be certain that the ones who launch these campaigns earn money each time they trick users into clicking on a link or providing personal data.