There's a scam spreading through Twitter Direct messages (DMs) and fake emails, appealing users to visit a fake twitter phishing site i.e "twittler.com". Scam uses a hijacked Twitter account to send out direct messages that appear completely legitimate.
Security blogger, Janne Ahlberg blogged about this new phishing scam, "This is a nasty trick especially when the sender is someone you know and trust. If you receive a suspicious DM or email from a person you know and trust, just warn him/her – the account is most likely hijacked and controlled by the attackers."
The webpage resembles a Twitter login page and is trying to obtain your Twitter login credentials with a domain name looks very similar to original Twitter.com, with two extra word "LL" in it.
To play it safe, double-check your browser address bar to make sure that's where you are on orginal website twitter.com before logging in.
If you enter your Twitter username and password into this site, you will become a victim of and the hacker will then control your Twitter account to hack more users via spamming them on your behalf.
What do you do if your account is hacked? Change your password immediately, Check what applications you've given access to your account, Revoke access for any suspicious applications, and delete tweets and DMs you sent and received while your account was compromised.
About the author