Background: Compromised Twitter accounts are tweeting @ friends/followers a random phrase (1) which includes an open redirect URL (2) that leads to phishing sites (5). There are two additional redirects (3, 4) before the recipient reaches the actual phishing site.
Phrases
- This is too funny of you [open redirect]
- OMG when did you do this? [open redirect]
- I can't stop laughing! [open redirect]
- This pic of you is funny lol [open redirect]
Open Redirect