Twitter phishing hack nabs big victims in BBC, Guardian, First Direct & Ed Miliband
Twitter is currently experiencing its third big phishing hack attack in the space of a week, and this particular one seems to have nabbed some big-name victims. It appears even hardened journalists, bank employees, and government ministers can’t resist clicking on a blind link occasionally.
On Monday, Twitter was hit by the ‘Lol’ scam, with messages typically reading, “LOL is this you” or something similar, followed by a blind link. That link then led to a fake Twitter login page which harvested the details of anyone naive enough to enter their username and password.
On Wednesday, Twitter was hit by the ‘This you????’ scam, which worked in exactly the same way as the previous scam. All that had changed was the message used to lure Twitter users into clicking on the link.
Today comes news of a third phishing scam. This new one relies on the lure of sex or lurid contact with a random female. A message, usually in the form of a DM, reads, “hi, i’m 24/female/horny … i have to get off here but message me on my windows live messenger name.” Once compromised, the accounts then spammed messages to all their followers saying, “hey, i’ve been having better sex and longer with this here,” followed by a link to a Web site selling Viagra or similar performance-enhancing drug.
Rather embarrassingly, this latest scam has hit a fair few well-known victims. According to The Guardian, these include Ed Miliband, the environment minister for the British government, BBC correspondent Nick Higham, the Press Complaints Commission, the head of audio at The Guardian Matt Wells, and online bank First Direct. The latter of which had to assure customers that their details hadn’t been compromised in the attack.
The chances are high that all of these attacks originate from the same source, with the many variants released a couple of days apart in order to catch out as many people as possible. Which unfortunately seems to be working.
As always, the only advice is to use common sense, both in your dealings with random DMs and with blind links which mostly now use URL Shorterners to cover their destinations. And if you do fall for one of the many Twitter phishing hack scams then change your password immediately before ensuring nothing more damaging or permanent has been attached to your account.
Related Posts:
