Twitter Reveals Phishing Attacks, Resets User Passwords
By Bryan on February 5, 2010 | Phishing, Twitter, phishing, online security
There's been news that many Twitter users had their passwords reset earlier this week and now we've got the actual story behind it.
It appears that a mysterious website developer had pulled out a scam which resulted in a lot of Twitter log in details being stolen. Twitter's director of trust and safety, Del Harvey had explained it in his latest blog post: “It appears that for a number of years, a person has been creating torrent sites that require a login and password as well as creating forums set up for torrent site usage and then selling these purportedly well-crafted sites and forums to other people innocently looking to start a download site of their very own. However, these sites came with a little extra — security exploits and backdoors throughout the system”.
The flaws left by the creator of these websites allowed them to gain access to the users' login details on the particular website. These details were then used to access people's other online accounts which used the same username and password.
Twitter's suspicion was raised by the odd activity on some accounts which had experienced a sudden increase in the number of followers. This was followed by Twitter's security investigation which had revealed that users following the suspicious accounts have most likely been victims of the scam.
However, although Twitter was nos able to identify all of the forums and websites that took advantage of the exploits left by their creator, it had sent the password reset requests to all of the users which were suspected of being the victims of this fraud. Moreover, Twitter also suggested that their users should be aware of the dangers of using the same username and password on different sites. In case it falls into the wrong hands with the help from one website it would allow online scammers to gain access to the other accounts using the same login data.
"We felt that it was important to put this knowledge out there so that users would know of the possibility of compromise of their data by a third party unrelated to their Twitter account. We strongly suggest that you use different passwords for each service you sign up for", Harvey added.
More Phishing news
Free iPhone 5 on Tumblr? Avoid the scam!
Tumblr blogs are blazing with iPhone 5 presentations and giveaways; unfortunately, the news is far from being genuine. "Get the all new iPhone 5" and similar posts are fraudulent and they are only meant to trick people into filling online surveys. Those usually collect personal information which can be sold later.The iPhone5 Tumblr frauds may look quite legitimate as they present most of the posts as written by Tumbrl staff. Read more.- Newest Facebook scam - Russel Brand and Kate Perry leaked tape
- Scammers utilize the closing of Megaupload
- Facebook users attacked once again
- Scammers utilize Facebook's Timeline to their benefit
- New year for Facebook - a Ramnit worm
- New year but the same security problems: Facebook's clickjacking scam spotted
- Be careful as holidays are very profitable season for scammers
- iPhone 4S holiday scam
- iPad scam on Lady Gaga Facebook fan page
- Tumblr accounts harvester spotted
