A fresh twitter phishing campaign is underway and using both tweets and direct messages to spread. The messages contain text such as “hah, I think I seen u on here” and “wow you look different on here” together with a link to a video. The URL hxxp://videos.dskjkiuw.com is one of the ones being used. At this time, eSoft is not detecting malware or exploits on this domain, but the target page presents a good imitation of the twitter login page in an attempt to steal credentials. As such, eSoft has flagged it as “Phishing & Fraud.” The Threat Prevention Team will keep a close eye on developments. Below is a series of screenshots starting with an example direct message and leading to the fake login page and the series of pages that come up after entering bogus username and password info.