Scam of the day – February 4, 2013 – Twitter hacking

Twitter has announced that it had been hacked into and that the hackers managed to steal information on 250,000 Twitter accounts before the attack was shut down.  The stolen information includes usernames, email addresses, session tokens and encrypted passwords.  Although the passwords were encrypted, hackers are able to use password cracking programs to decipher the encrypted passwords if the password are simple ones as unfortunately too many people use.  Even more problematic is that since many people make the mistake of using a single password for all of their accounts, once the password is compromised, all of your accounts are in jeopardy.  You can find detailed information in my book “50 Ways to Protect Your Identity in a Digital Age” about how to pick an easy to remember, but difficult to crack password.  One problem with the Twitter hacking is that if you were one of the people who were hacked, you will receive an email from Twitter, however, you also will probably receive an email from the hackers posing as Twitter.  A significant threat posed by the hacking is that people will receive messages appearing to be from trusted sources that will lure them to click on a link, which can lead to downloading keystroke logging malware that can steal all of the personal information from your computer or lure them to provide information to what appears to be a trusted source, but in reality is an identity thief.

TIPS

Never click on a link unless you are absolutely positive that the link is not only from someone you trust, but that they have not been hacked as well.  If you are a Twitter user, the best course of action would be to go to your account and try to log in.  If you are unable to do so , it means that you were one of the accounts that was hacked.  Twitter reset passwords for the effected accounts.  You should then go directly to the Twitter website, go to the “Forgot password” link and reset your password to something safe.  Do not click on a link in an email that purports to be from Twitter because it may well be a phishing attack from the hackers trying to access your information.    The phishing emails used by the hackers apper to be quite legitimate, but they are not.  Instead go directly to the Twitter website on your own by typing its URL into your browser.