Software // Operating Systems
News
2/26/2010
01:07 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Twitter Phishing Attack Hooks UK Cabinet Minister

The company is warning people not to surrender personal details to fake Twitter login pages.

A phishing attack on Twitter has claimed several high-profile victims including a British cabinet minister and a bank.

Ed Miliband, the U.K's Secretary for Energy and Climate Change, on Friday found his Twitter account sending out spam tweets promoting sexual enhancement products.

U.K.-based security company Sophos says that Miliband appears to have been duped into revealing his login and account details by a series of attacks identified earlier this week.

The attack relies on the phrases "This You????" or "LOL this is funny" to get Twitter users to click on phishing links.

Those links take victims to a look-alike Twitter login page that turns entered information over to the cybercriminals behind the campaign.

Twitter on Wednesday posted a warning about this particular scam. "If you receive a DM or see a message with a phrase like 'This you??' or 'LOL is this you' followed by a link, please do not click through; there's a phishing site on the other side," the company said on its status page.

First Direct, an Internet and telephone banking subsidiary of HSBC Bank, on Friday acknowledged being victimized in a Twitter post: "Hi all, I'm sure you can tell, but we were hacked last night - please disregard any inappropriate tweets that purport to come from us!"

Recognizing the potential brand damage, the bank quickly clarified that only its Twitter account had been compromised and that no customer personal data had been revealed.

Other victims in the U.K. reportedly include Labour party deputy leader Harriet Harman and journalists from the BBC and The Guardian.

F-Secure, a security company based in Helsinki, Finland, attributes spammers' interest in compromised Twitter accounts to recent efforts by Google, Microsoft, and Yahoo to integrate nearly real-time data, like Twitter posts, into search results lists. This allows spammers to use Twitter and other social communication tools to target keywords associated with current news events, in order to secure prominent placement for their malicious links.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.