High Profile Accounts Hacked As Twitter Employees Fall Victiim to Social Engineering Scheme

Twitter experienced one of the most significant security incidents ever on Wednesday. The Wall Street Journal reported, several employees were socially engineered and gave up keys to the kingdom. “The attack on Wednesday allowed hackers to take over an array of accounts, including those of celebrities, politicians, and billionaires such as Bill Gates, Kanye West, Joe Biden, and Barack Obama, as well as Apple Inc. and other companies.” The stock immediately dropped by over 3%.

Too good to be true? Red flag.
The scammers used the accounts to plug a bogus 2-4-1 bit coin offer.

ie: Elon Musk @Elonmusk
I’m feeling genorous because of Covid-19.
I’ll double any BTC payment sent to my BTC address for the next hour.
Good luck and be safe out there.
7&&& bitcon address &8&*(
Of course Twitter took them down once they got wind.

The great unknown? What kind of confidential information may have been in direct messages which the scammers may have had access too! Twitter needs to clean up its security and training.

Highly recommended that you step your high-risk employees through new-school security awareness training (https://www.knowbe4.com/products/enterprise-security-awareness-training/) and test, test, test them with simulated social engineering attacks so that they are inoculated against this kind of compromise.

From our blog:
A number of high-profile Twitter accounts were hacked including those of Elon Musk, Bill Gates, Kanye West, Joe Biden and Barack Obama. This is clearly the worst hacking incident in Twitter’s history. It began 7/15/2020 when compromised accounts began posting a bitcoin scam.

Twitter update. The compromised account number is now up to 130 and Twitter is still trying to determine if other info was compromised. No attributions yet to the social engineering attack.

Featured Webinars

Advanced Phishing and

Monday 1:30 PM – 2:30 PM
» Learn More
Outlook Phish Alert Button
Tuesday 1:30 PM – 2:30 PM
» Learn More
Customizing Phishing Templates, Landing Pages, & Training Notifications
Wednesday 1:30 PM – 2:30 PM
» Learn More
Active Directory Integration
(ADI) Setup

Thursday 1:30 PM – 2:30 PM
» Learn More

Friday 1:30 PM – 2:30 PM
» Learn More

Privacy Policy | Terms of Service