Twitter has announced that 250,000 accounts have been hacked in attacks that they say appeared similar to recent attacks on the New York Times and the Wall Street Journal. If the attacks, exposing usernames, encrypted password data, email addresses and session tokens, aren’t bad enough, Twitter’s announcement opens the door for a series of follow-up phishing attacks.
Here’s what to watch out for.
Threat
The number of accounts compromised is very small given the number of Twitter users. The main threat comes from opportunists taking advantage of the situation. Following the discovery of the attack, Twitter announced that they had emailed the account holders concerned, opening the door for a potential attack route where fraudsters send emails purporting to come from Twitter, attempting to trick people into handing over their Twitter and other account information.
A second, much less likely, attack could come from a compromised Twitter account. The chances of this are lower as Twitter have said that they’ve identified the accounts concerned and the password data stolen is encrypted.
In either case, emails purporting to come from Twitter and carrying links to malicious websites are to be expected.
Recommendation
If you have a Twitter account, the advice is to try to log in to your account and, if there’s a problem, reset your password.
If you receive an email purporting to come from Twitter, perform the step above, or very carefully check that any link in the mail actually goes to Twitter and not to a site pretending to be Twitter. To do this, hover your cursor over the link (without clicking) and check the address, which is normally shown in the bottom left of your browser window.
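The manual hover check above can be automated for a mailbox or a security-awareness demo. The following is an added example, not code from the original post or from Twitter: it pulls every link out of a constructed sample email and flags targets whose host is not twitter.com (or the t.co shortener, assumed here to be legitimate), including the common lookalike tricks of a "twitter.com." subdomain prefix and a "twitter.com@" userinfo prefix.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed list of hosts that legitimately belong to Twitter for this check.
LEGIT_DOMAINS = ("twitter.com", "t.co")

def host_matches(host, domain):
    """True if host is domain itself or a subdomain of it (e.g. api.twitter.com)."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def classify_link(href):
    """Return 'ok', 'suspicious' or 'non-twitter' for one link target."""
    parts = urlsplit(href.strip())
    if parts.scheme not in ("http", "https"):
        return "suspicious"          # javascript:, data:, ftp: ... in a mail link
    if parts.username is not None:
        return "suspicious"          # https://twitter.com@203.0.113.5/ style trick
    host = parts.hostname or ""
    if any(host_matches(host, d) for d in LEGIT_DOMAINS):
        return "ok"
    if "twitter" in host:
        return "suspicious"          # twitter.com.evil.example, twiitter.com, ...
    return "non-twitter"

class LinkCollector(HTMLParser):
    """Collect (visible text, href) pairs for every <a> in an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def check_email(html):
    """Return [(visible text, href, verdict)] for each link in the mail body."""
    collector = LinkCollector()
    collector.feed(html)
    return [(text, href, classify_link(href)) for text, href in collector.links]

# Constructed sample mail body: one genuine link and three phishing-style ones.
SAMPLE_MAIL = """<p>Your account may have been affected.</p>
<a href="https://twitter.com/settings/password">Reset your password</a>
<a href="http://twitter.com.account-verify.example/login">https://twitter.com/login</a>
<a href="https://twitter.com@203.0.113.5/">Confirm your account</a>
<a href="https://support.example.org/help">Help centre</a>"""
```

Note that the second sample link shows a twitter.com address as its visible text while pointing elsewhere, which is exactly what the hover check is meant to catch.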
Finally Twitter are advising all users to:
That’s good advice.

