Twitter Reveals Phishing Attacks, Resets User Passwords
By Bryan on February 5, 2010 | Phishing, Twitter, phishing, online security
There's been news that many Twitter users had their passwords reset earlier this week and now we've got the actual story behind it.
It appears that a mysterious website developer had pulled out a scam which resulted in a lot of Twitter log in details being stolen. Twitter's director of trust and safety, Del Harvey had explained it in his latest blog post: “It appears that for a number of years, a person has been creating torrent sites that require a login and password as well as creating forums set up for torrent site usage and then selling these purportedly well-crafted sites and forums to other people innocently looking to start a download site of their very own. However, these sites came with a little extra — security exploits and backdoors throughout the system”.
The flaws left by the creator of these websites allowed them to gain access to the users' login details on the particular website. These details were then used to access people's other online accounts which used the same username and password.
Twitter's suspicion was raised by the odd activity on some accounts which had experienced a sudden increase in the number of followers. This was followed by Twitter's security investigation which had revealed that users following the suspicious accounts have most likely been victims of the scam.
However, although Twitter was nos able to identify all of the forums and websites that took advantage of the exploits left by their creator, it had sent the password reset requests to all of the users which were suspected of being the victims of this fraud. Moreover, Twitter also suggested that their users should be aware of the dangers of using the same username and password on different sites. In case it falls into the wrong hands with the help from one website it would allow online scammers to gain access to the other accounts using the same login data.
"We felt that it was important to put this knowledge out there so that users would know of the possibility of compromise of their data by a third party unrelated to their Twitter account. We strongly suggest that you use different passwords for each service you sign up for", Harvey added.
More Phishing news
Chinese scammers imitated legitimate ad companies
Recently Chinese scammers were caught for rogue advertising. They attempted to pretend to be legitimate media agencies. The culprits were using rogue advertisements for making users to believe in their legitimacy and force to spend their money or even to get personal information. This kind of scam is very noticeable because of its increase in the number. One of scammers was traced back to China. Read more.- New Facebook fraud uses iPhone and iPad for bait
- Online identity theft is not a problem for cybercriminals at all
- ‘Dislike’ feature is another scam spreading on Facebook
- Online Credit Card Processor Company is compromised
- British bank is robbed online by malware gang
- Scam on Facebook under the Name of Toy Story 3
- KOOBFACE Bot Uses Fake YouTube Pages
- Siemens SCADA is targeted With a New Worm
- Private Chat may be discredited at Chatroulette.com
- Twitter is a Scammers’ Target Again
