Surely
Why can't Twitter filter these DMs out?
The Twitter phishing attacks from earlier this week stepped up a gear on Friday with huge volumes of spam from compromised accounts, some of which belonged to UK cabinet ministers and even a bank. Pwned micro-blogging accounts include high profile targets such as Ed Miliband MP, Secretary of State for Energy and Climate Change. …
The content was very disappointing after the promise in the headline 'Harman gets hacked'.
I was hoping for the delightful news that Harperson had been targeted by a ninja death squad.
(suitable subject for a Playmobil recreation, and it is Friday)
So Harriet managed to click on a (presumably gender non-specific) phishing link. Was she driving at the time?
that the weakest link in any form of computer/IT/account security is the user.
Curiosity may have killed a few cats, but it has compromised far more credentials.
Is this a photograph of you?
Notice of unreported income.
My name is Ursula and I want to be your friend.
I can make a system very secure. Almost completely secure in fact against scripted attack. But as soon as there is a user account on that system other than my own, I consider it highly vulnerable and likely to be compromised.
Phishing is not hacking.
Hacking requires skill.
Phishing requires the ability to copy+paste and stupid/ignorant/curious (delete as appropriate) users.
Ed Miliband needs a bit of help in the todger department and was telling his mates about the fine source of therapeutic agents he'd discovered. Then, when news leaked out, resorted to the time-honoured "oh noes, it woz teh norty hax0rs wot dunnit" excuse.
I prefer that version of events. Before you say anything, who's more likely to be telling the truth, me or a Cabinet Minister.....?
...that so many people (most of whom should know better) are still falling for this most basic of credential-harvesting scams.
Appreciated, that the MPs in question may not update their own Twitter feeds etc. but the person who does needs a slap (followed by an education).
If they'd had ID cards this couldn't have happened, they protect you from identity theft.
And a nice lady at first direct told me their systems are secure.
.. when you highlight the fact that there is a fake site out there to people at the site being mimicked and their response is "You don't have an account with us - please sign up".
Yes Miliband and Harman and countless thousand others are frankly idiots for falling for it but when attempts to report scam/phishing sites are simply dismissed out of hand........
Should not be allowed near connected computers.
Twitter, Facebook, what are they?
Am I missing something?
Social Networking is for numpties.
My opinion, yes.
Too right and the phishing boys seem to have already cottoned on to that little truism. All the really low-hanging fruit on one tree, what's not to like?
What's going to be really funny in a minute is when the Whaling types wake up and notice that Tw@ter offers a handy service whereby a simple phishing run can yield Bankers, captains of industry, senior politicos and all the others they carefully target. If a shotgun campaign gives up gold, a carefully composed targeted attack on specific users should easily cough up the keys to the kingdom.
The countdown starts now, you ain't seen nothing yet.
'The lures often came in the form of direct messages with the lines such as "This You????" or "LOL this is funny".'
Not responding to people who talk or write like that would have protected everyone in this case.