Investing With Options header image ≡ Menu

Just Released: Get Your FREE Iron Condor Trading Toolkit

Click Here to Download

If You've Been Spammed on Twitter Recently, Read This

I'm writing an unrelated topic tonight as it has to do with twitter/stocktwits which is pretty integral to my business and my reputation online.

So I tried out a new twitter app that wasn't secure and wasn't using oAuth (this app wasn't the culprit-- was a phishing scam), and my twitter account was comprimised. A day later, they used the api to access my account and started to spam to my followers. I had changed my pw but then changed it back-- bad move.

Anyways I'm not too happy and neither is the rest of the Twitter-verse. So I've declared jihad against the culprit: Someone (maybe them, maybe not) is promoting their site by hijacking your twitter account to tell your friends. Allowing them to hijack your account is part of their terms of service apparently, but I never signed up for their site so they shouldn't have access to my twitter user/pass to begin with.

Anyways, I had a guy smarter than me take a look at what he could find-- wasn't too hard, just a couple whois requests on the server and the nameserver:

Registration Service Provided By:

Domain name:

Registrant Contact:
WhoisGuard Protected ()

Name Servers:

So namecheap did the reg. The contact info for the server on which the domain is hosted is protected. But let's look at the nameserver:

Domain ID:D28972607-LRMS
Domain Name:OSGNL.INFO
Created On:04-Jul-2009 17:26:04 UTC
Last Updated On:04-Jul-2009 22:10:32 UTC
Expiration Date:04-Jul-2010 17:26:04 UTC
Sponsoring Inc. (R171-LRMS)
Registrant ID:CR5887149
Registrant Name:Rashid Alkhaili
Registrant State/Province:Dubai
Registrant Postal Code:5591
Registrant Country:AE
Registrant Phone:+971.502750502

Related Contact: [email protected]

So the nameserver registered on godaddy.

What You Can Do

So if you've been a victim either directly or indirectly, I encourage you to take action. As twitter is part of my business and my reputation matters, I decided to take this on.

Report Abuse to GoDaddy Here. Or twitter them @GoDaddy or @GoDaddyGuy

Report Abuse to Namecheap Here. Or twitter them @NameCheap

The Abuse should be about the nameserver for GoDaddy and for namecheap. Tell them that they phished your twitter username and password and used your private account for spamming.

Hopefully these two companies, with whom I've done business with in the past and trust, will be able to help us out.

I'll update this page later on as I get further data. may not have been the actual culprit but a third party just using their platform as a tool. But until I see evidence against--jihad.

Update 1: Here's the Disclaimer on

Our site does not phish accounts, any content on this site may not be 100% percent accurate. By using this site you agree is not to be mentioned or involved with any legal matters. is a suspected phishing site, and is also found on, probably same group.

Update 2: Here's part of their ToS on

7. You agree if you spam our site you will be banned from our service forever with out hesitation.

The fact that they say that leads more credibility to the thesis that their site may have little to do with the spam and could be from someone else.

Update 3: Talked to NameCheap

They ran a whois on the ip rather than the domain and the hosting comes out of the Netherlands, compay is Ecatel. I've seen a lot of shady stuff come out of those servers. I will email [email protected] but don't know what kind of response I'll get.

Pretty sure this is related to that's where I first got caught up in this bs. Also seeing that part of it too.

by Steven Place

Steven Place is the founder and head trader at