Recently, an organization I am so passionate about got hacked. In Order to protect their privacy its will keep the identity to myself for now. The kind of attack subjected to the company was a phishing attack using google drive and by reading this link its quite obvious that these kind of incidences will escalate even more in 2014.
Lets explore how phishing can occur in twitter. Consider this image below.
This is a screenshot from my inbox. Clearly this guy mentioned me in his tweet. however in reality this is not the case. Going into his account won’t show he created such a tweet.
Something is odd about this tweet which proves clearly that its up to no good. Pay attention.
1. The link format – the link attached to the tweet above is supposed to be a link to a tweet I created. The format of the link is the shortened url which is fine. The problem here is that whenever links are attached on a tweet the link itself is transformed by twitter’s url shortening service but not the link text. Check out the example below.
See right there, the link looks exactly the way I pasted it.
2. Shortened url – Twitter uses only t.co as its url shortening service. The phishing tweet above shows the link from another service po.st.
Again, the normal recommendations still apply whenever using the online services
-
Use a strong password.
-
Do not click on links you don’t trust like above.
and most importantly
-
If you suspect that you have been hacked, login to your account on another browser or machine and change your password immediately.
Btw, the guy in the tweet above, he was actually hacked. Check out his tweet and oh I never clicked on the link.
