Twitter Phishing Attack Hooks UK Cabinet Minister - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Operating Systems
News
2/26/2010
01:07 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Twitter Phishing Attack Hooks UK Cabinet Minister

The company is warning people not to surrender personal details to fake Twitter login pages.

A phishing attack on Twitter has claimed several high-profile victims including a British cabinet minister and a bank.

Ed Miliband, the U.K's Secretary for Energy and Climate Change, on Friday found his Twitter account sending out spam tweets promoting sexual enhancement products.

U.K.-based security company Sophos says that Miliband appears to have been duped into revealing his login and account details by a series of attacks identified earlier this week.

The attack relies on the phrases "This You????" or "LOL this is funny" to get Twitter users to click on phishing links.

Those links take victims to a look-alike Twitter login page that turns entered information over to the cybercriminals behind the campaign.

Twitter on Wednesday posted a warning about this particular scam. "If you receive a DM or see a message with a phrase like 'This you??' or 'LOL is this you' followed by a link, please do not click through; there's a phishing site on the other side," the company said on its status page.

First Direct, an Internet and telephone banking subsidiary of HSBC Bank, on Friday acknowledged being victimized in a Twitter post: "Hi all, I'm sure you can tell, but we were hacked last night - please disregard any inappropriate tweets that purport to come from us!"

Recognizing the potential brand damage, the bank quickly clarified that only its Twitter account had been compromised and that no customer personal data had been revealed.

Other victims in the U.K. reportedly include Labour party deputy leader Harriet Harman and journalists from the BBC and The Guardian.

F-Secure, a security company based in Helsinki, Finland, attributes spammers' interest in compromised Twitter accounts to recent efforts by Google, Microsoft, and Yahoo to integrate nearly real-time data, like Twitter posts, into search results lists. This allows spammers to use Twitter and other social communication tools to target keywords associated with current news events, in order to secure prominent placement for their malicious links.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
Enterprise Guide to Edge Computing
Cathleen Gagne, Managing Editor, InformationWeek,  10/15/2019
News
Rethinking IT: Tech Investments that Drive Business Growth
Jessica Davis, Senior Editor, Enterprise Apps,  10/3/2019
Slideshows
IT Careers: 12 Job Skills in Demand for 2020
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/1/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Slideshows
Flash Poll