It's time for

Beware of Fictitious Twitter Profiles

November 5, 2010

This morning Google alerted us to a fictitious website that mirrored our Twitter profile. What’s surprising is that it has the last post we tweeted yesterday. It looks so realistic that many people might accidentally log into it with their username and password… and that could be a problem! Here’s a quick analysis of what we found.

The Google Alert that notified us about the Twitter clone.The Google Alert that notified us about the Twitter clone.

Below is a screenshot of a bogus profile that mimics our Twitter account. It doesn’t bear the same resemblance as the new look Twitter launched the other month but some accounts might not be upgraded yet. Plus, we noticed Twitter resorts back to the old layout when they are having server issues.

Screenshot of our Twitter profile being replicated on another server.Screenshot of our Twitter profile being replicated on another server.

How severe could this problem be?

Because we haven’t updated our Twitter profile since yesterday I wanted to compare a company that updates their status almost hourly. In the below example, the mirrored profile of Mashable is only ten minutes behind. That’s very close!

Mashable’s Twitter profile mirrored on a phishing website.Mashable’s Twitter profile mirrored on a phishing website.

Who’s responsible for this problem?

Well, we’re not reporters and it looks like Apigee.com is a legitimate company. Maybe one of their clients is abusing the system or they are working directly with Twitter. It is a possibility this could be a phishing attempt. In addition, it could cause duplicate content (dependent on robots.txt file working); which could skew results on Google’s search engine results page. If it is legitimate, we hope they block access from the public.

Screenshot of cloned Twitter profile indexed on Google.Screenshot of cloned Twitter profile indexed on Google.

Conclusion

We hope this article, about a Twitter clone, was helpful and makes you more aware of phishing attempts. Don’t get hooked!