Phishing in (less than) 140 characters...

Well, I thought I had seen everything in phishing, but this is kinda new: somebody tried to hook me up using shortened url pointing to a fake twitter password verification page.

Yesterday I got this tweet from one of my connections (who has probably fallen prey to the attack already):

if you follow the shortened url, you end up on this page

that looks like a legitimate Twitter password verification page.

But look in detail at the url: it is not "", but "" and this is just another attempt to steal your passwords.

I have already reported the url to Google, and as far as I can see, now Chrome and Firefox block it out, but it may be the case that mobile devices take more time.

Just watch out, and never give your password without verifying the site asking for it.