Breach of high-profile Twitter accounts caused by phone spear phishing attack (July 2020)
Twitter has confirmed that the breach of several high-profile accounts that occurred on July 15 was caused by a phone spear phishing attack that targeted a small number of employees.
Using the credentials of the affected employees, the attackers managed to compromise 130 different Twitter accounts, including those of Bill Gates, Jeff Bezos, Elon Musk, Joe Biden, and Barack Obama, according to Twitter.
Spear phishing refers to a type of phishing attack in which criminals email specific individuals with the goal of gaining their account credentials or other sensitive information.
Twitter didn't explain what it meant by a "phone spear phishing attack." This could mean that the attackers called certain employees by phone, rather than emailing them, to obtain their credentials, or it could mean that targeted employees received a message by phone or email convincing them to call a person masquerading as a legitimate Twitter administrator.
"A phone phishing attack would be similar, but instead the targets are telephoned and the criminal would attempt to elicit information, in this case, probably their account credentials," Mike McLellan, senior security researcher for Secureworks, told TechRepublic.