“haha. This you????”

I’ve only had two of these phishing DMs that are currently all the rage on Twitter. Curiosity got the better of me, so I followed the link. I’m tempted to create a dummy account and give it the credentials to see what it does.

I’ve attached screenshots, comparing the fake login page with the real one, and the destination you get to when you give the fake page your credentials. (I used fake info, naturally!) It’s just an empty Blogger blog. Most of the other links on the fake page don’t work.

Honestly, I can see how people are taken in. I instantly noticed the padding errors where they hadn’t duplicated the page properly, but Twitter hasn’t always had the best design, so I could easily believe it was the real login page on a bad day. Of course, the URL is totally wrong, but that could be missed by people with no reason to doubt the link.