INFOSEC UPDATE: HOW TO AVOID SOCIAL ENGINEERING


You may have heard about cyber criminals compromising approximately 130 high-profile Twitter accounts on July 15. The accounts belonged to major public figures, business moguls and a former US president.

The attackers sent out tweets from the high-profile accounts claiming they would match any Bitcoin payments sent. It worked: the attackers received $120,000 worth of Bitcoin.

As the New York Times put it, “the hack was coming from inside the house.” At least one account belonging to a Twitter employee was compromised using social engineering.

Social engineering occurs when an attacker manipulates someone into giving them sensitive information. Attackers often research their target first, gathering information about the person, usually from social media. Cyber criminals rely heavily on social engineering because it is often successful.

Warning signs of social engineering:

  • Urgency. Cyber criminals will make a situation seem dire and urgent, hoping that you will comply out of a desire to help.
  • Odd requests. Trust your gut if something seems off. A foreign prince or princess is not actually emailing you to offer you a large amount of money.
  • A response to something you did not initiate.
  • A request for login credentials, banking info, or other sensitive information to “verify your account.” Credible institutions will not contact you to ask for this type of information.