The Recent Massive Twitter Social Engineering Hack Was Tried And True Pretexting



twitter_bitcoin_hack image courtesy Grayson Blackmon / The VergeThe verge reported: "Twitter provided an update about the unprecedented July 15th attack that allowed hackers to tweet from some of the most high-profile accounts on the service, in a blog post and a series of tweets published Thursday evening. Twitter now says that a few employees were targeted in a phone spear phishing attack."

Apparently they do not know that the industry term for this is pretexting, and has been used for decades during both white hat and black hat network penetrations.

"While Twitter doesn’t quite say, that presumably means hackers called up Twitter employees while posing as colleagues or members of Twitter’s own security team, and got them to reveal the credentials they use to access internal systems.

Twitter had previously said its own tools were compromised in the attack, but up until this point, the company hadn’t specified how that had happened. “This attack relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to our internal systems,” Twitter said in a tweet from its support account."

See examples in the KnowBe4 ModStore with Pretexting videos featuring Kevin Mitnick:


The world's largest library of security awareness training content is now just a click away!

In your fight against phishing and social engineering you can now deploy the best-in-class simulated phishing platform combined with the world's largest library of security awareness training content; including 1000+ interactive modules, videos, games, posters and newsletters.

You can now get access to our new ModStore Preview Portal to see our full library of security awareness content; you can browse, search by title, category, language or content topics.

ModStore01-1The ModStore Preview includes:

  • Interactive training modules
  • Videos
  • Trivia Games
  • Posters and Artwork
  • Newsletters and more!

Start Your Preview

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/training-preview



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews