ConnectApp — Link your Twitter

🦹 You (the attacker)

Logged in as: attacker@evil

Linked Twitter: (none)

Logged in as: sarah@blog

Linked Twitter: (none)

Click any link the attacker sends — that's how this attack works in the wild.