Welcome to WebmasterWorld Guest from 18.104.22.168
Forum Moderators: rogerd
The hackers who gathered login info in the "rofl-video" phase then launched a DM spam campaign inviting the recipients to learn how to make hundreds of dollars a day online. (No, I didn't click either link.)
In each case, the DMs came from a Twitter friend, making them more likely to be clicked on.
I think it's likely that some pros fell for the fake login screen because of Twitter's normal tendency to forget your login. Even though I always check "remember me" when I'm on a personal PC, I am often confronted by unexpected Twitter login screens. If you are multitasking and not paying close attention, it would be easy to mistake the bogus login screen for another Twitter fail.
Requests apparently coming from friends, etc. They don't treat them with the same caution they do with emails, etc. Only one member the social network needs to fall and many may follow...
What happened to Twitter is the price of fame you might say and they should have the financial clout to implement better security rather than do what I had done, none of our sites is as big or worth as much as Twitter. We may have some technical expertise, but we lack the expensive networking infrastructure needed, but they don't or at least they can afford it!