Identifying Phishing Attacks
There are numerous phishing websites out there, and one of the most popular is HackTwitter. HackTwitter is a website that claims to be able to hack any Twitter account in a few minutes. I just want to go over with all of you what I found on this website to give it away (not that it isn't already suspicious...).
Mainly you will find improper grammar on websites like this. For example, they spell "victim" "victm", and "a individual," rather than "an individual." Another thing is punctuation. The website owner used the wrong "it's," saying "its" instead.
Look at the red text. It says that there is a "main" loophole in their security system. If there was such a hole, Twitter would have noticed it within days, if not hours.
They also tell you that you have a 98% chance of hacking the account, but near the bottom of the page, it "guarantees" 100% hacking rate. But the top of the page says 96.6% rate. That's not suspicious... ;)
"Our method is fully online based and you are not exposed to any sort of danger." (again with grammar....) The website doesn't even use SSL! What are you talking about?!
One you enter the account URL, it says (no matter what) "Successfully connected!" I have put in a fake/random URL (https://twitter.com/ffffffffffffffffffffffffffffff) and it says successfully hacked. This is something most people don't encounter because they first put in the Twitter account URL, not testing for malicious schemes.
I hope we all understand this, but others don't, so the owner wrote "Our application can hack any Twitter account within the simply click of a button." Boy do I want to choke him...
"Naturally, many of [the passwords] are made just of letters, and can be hacked extremely quick." Cracked, not hacked.
At the top right of the home page, there is a star-rating. "Oh! 9.5 out of 10 based on 19732 reviews!" Nope. What reviews? You can't make reviews, and you can't vote either.
Everyone has heard the excuse that surveys are designed to block bots. While this is sometimes true, I have found that most of the time, it's just a dead end that pays the survey maker every time one is completed, not to mention that giving out your credit card is a red alert for phishing. HackTwitter has one of these (to be expected). I don't know what you get after the survey (as I have never been able to complete one for some reason), but I'll bet you it is just an empty text file.
HackTwitter, among many other sites claiming to have unbeatable hacking powers, are just there to pay the owner and maybe steal some personal information of yours while their at it.
Be careful on the Internet, and don't fall for these tricks, no matter how official-looking!