Target’s Twitter Gets Hacked And Hackers Post A Scam Tweet

November 23, 2018

Written by wukovits

Target is the latest company to fall victim to a simple but effective Twitter-Bitcoin scam.  The scam is about as straightforward as it gets:  A tweet gets sent out by a well-respected brand or prominent individual.  It contains a link which is likely to be clicked on, given that it’s from a prominent individual or well-respected brand.

The page at the other end of the link contains instructions that amount to a lot of hoop jumping. However, the verbiage makes it sound like if you send the company or prominent individual a small amount of Bitcoin, you’ll wind up getting a larger amount back.  Of course, that part isn’t true, but a shocking percentage of people have fallen for it anyway.  In fact, when hackers took control of Target’s Twitter account for an hour and a half recently, the tweet and link they sent out netted them nearly forty thousand dollars.  Not bad for an hour and a half’s worth of work.

For their part, Target deleted the tweet once they realized what had occurred, changed their password, and sent out an apology. Truth be told, this is as much Twitter’s issue as it is Target’s.

When the hackers sent out the tweet via Target’s account, they posted it as an ad so they could pay to promote it, ensuring even more exposure.  In order for it to be approved in that form, however, someone at Twitter would have had to review and manually approve it.  While it’s true that the responsibility for the password lies with Target, given how common this scam is becoming, the Twitter staff should have caught it, but didn’t.

In any case, this incident contains a couple of good lessons. It pays to be mindful of the latest scam making the rounds if you use Twitter for marketing.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.