I just read internet-famous Cory Doctorow’s very interesting post about how he got phished (!). What struck me was not his whole parasite-perfect-timing-phone-reset scenario. The takeaway for me was that on a small screen you can’t see the entire URL of where you’re going. I can imagine a scenario where phishers look up your friends on facetwitt, send you a “personal” note with a perfectly crafted URL to fit your iphonedroid’s browser. Your phone would hide the fact that you’re not logging into the site you think you are. Yikes!
I’m currently abstaining from all social networking sites. They’re totally awesome and fun and a great way to keep in touch with friends far and near. However, my security hackles go up too high with them, so I’ll have to be happy with my blog and its 4 readers instead of an intensely well-read facebook wall (that’s what the kids call it, right?).
Phishers often depend on super popular sites like twittface to spam you with a note from a service you’ll likely be using. I laugh these off because I don’t use any of them. But if I was a phisher, I’d programmatically crawl the feeds to figure out who your friends are and who you actively communicate with. I’d then watch out for nouns and verbs you’d expect in a message based on the vernacular your lil’ group uses, and then I’d phish you like a bunch of moms on their iMacs (my mom and her iMac excluded, of course!).