The URL hxxp://videos.dskjkiuw.com is one of the ones being used. At this time, zvelo is not detecting malware or exploits on this domain, but the target page presents a good imitation of the twitter login page in an attempt to steal credentials. As such, zvelo has flagged it as “Phishing & Fraud.” zveloLABS™ will keep a close eye on developments.
Below is a series of screenshots starting with an example direct message and leading to the fake login page and the series of pages that come up after entering bogus username and password info.
[Screenshots removed.]
Author: zvelo
Making the Internet Safer and More Secure. zvelo provides industry-leading cyber threat intelligence and URL classification data services. zvelo’s proprietary AI-based threat detection and categorization technologies, combines curated domains, threat and other data feeds, with the clickstream traffic from its global partner network of 1 billion users and endpoints to provide unmatched visibility, coverage, reach and accuracy. zvelo powers applications and solutions for the world's leading providers of web filtering, endpoint detection and response (EDR), extended detection and response (XDR), Secure Access Service Edge (SASE), brand safety and contextual targeting, cyber threat intelligence platforms, threat analysis, and more.
