Phishing is back in the news!

The hack of Twitter in July 2020 that led to the compromise of some very famous accounts (Bill Gates, Elon Musk, Barack Obama, et. al.) for use in a bitcoin-stealing scam grabbed global headlines for a few days. The story started winding down with the arrests of three young men in the UK and Florida. The attack showed some sophistication, combining surveillance of Twitter-internal Slack channels, SIM-swapping, the creation of a fake Okta authorization-server landing page, and social engineering of Twitter IT techs via voice calls, but did not rise to the level of state-actor or professional cybercriminal attacks.
Twitter should feel lucky that the thieves only set their sights on a small payday (netting less than $120K before they got caught) rather than broadcasting false headlines that might have shaken global financial markets.
It’s a useful reminder that phishing remains among the most popular and successful attack vectors for a variety of cybercrimes, accounting for some 30% of all breaches.

Back to News List