Forum Thread: Identifying Phishing Attacks

Identifying Phishing Attacks

There are numerous phishing websites out there, and one of the most popular is HackTwitter. HackTwitter is a website that claims to be able to hack any Twitter account in a few minutes. I just want to go over with all of you what I found on this website to give it away (not that it isn't already suspicious...).

Grammar

Mainly you will find improper grammar on websites like this. For example, they spell "victim" "victm", and "a individual," rather than "an individual." Another thing is punctuation. The website owner used the wrong "it's," saying "its" instead.

Logic

Look at the red text. It says that there is a "main" loophole in their security system. If there was such a hole, Twitter would have noticed it within days, if not hours.

They also tell you that you have a 98% chance of hacking the account, but near the bottom of the page, it "guarantees" 100% hacking rate. But the top of the page says 96.6% rate. That's not suspicious... ;)

"Our method is fully online based and you are not exposed to any sort of danger." (again with grammar....) The website doesn't even use SSL! What are you talking about?!

The Obvious Stuff

One you enter the account URL, it says (no matter what) "Successfully connected!" I have put in a fake/random URL (https://twitter.com/ffffffffffffffffffffffffffffff) and it says successfully hacked. This is something most people don't encounter because they first put in the Twitter account URL, not testing for malicious schemes.

I hope we all understand this, but others don't, so the owner wrote "Our application can hack any Twitter account within the simply click of a button." Boy do I want to choke him...

"Naturally, many of [the passwords] are made just of letters, and can be hacked extremely quick." Cracked, not hacked.

[From the Terms of Use] "Further, Twitter Hacker does not warrant or make any representations concerning the accuracy, likely results, or reliability of the use of the materials on its Internet web site or otherwise relating to such materials or on any sites linked to this site." You literally just said 100% success rate, no doubt. -_-

Ratings

At the top right of the home page, there is a star-rating. "Oh! 9.5 out of 10 based on 19732 reviews!" Nope. What reviews? You can't make reviews, and you can't vote either.

The "Bot Blocker"

Everyone has heard the excuse that surveys are designed to block bots. While this is sometimes true, I have found that most of the time, it's just a dead end that pays the survey maker every time one is completed, not to mention that giving out your credit card is a red alert for phishing. HackTwitter has one of these (to be expected). I don't know what you get after the survey (as I have never been able to complete one for some reason), but I'll bet you it is just an empty text file.

Conclusion

HackTwitter, among many other sites claiming to have unbeatable hacking powers, are just there to pay the owner and maybe steal some personal information of yours while their at it.

Be careful on the Internet, and don't fall for these tricks, no matter how official-looking!

-Cracker|Hacker

4 Responses

Good points.
Not always they use bad grammar, sometimes they use adulatory terms and formal grammar to give you confidence.

Hi,

Although this site is for sure a fake, just because it connected to a fake Twitter, doesn't mean anything. "Twitter.com/FFFFFFFFFFF" connects you to their Website even though it's a fake. By that, it didn't connect to an account, it most probably just logged in the Website.

Still... Great post... And thanks for the facts.

Regards,

R00T

I wonder why people think otherwise...

Share Your Thoughts

  • Hot
  • Active