Last Wednesday, the accounts of Bill Gates, Elon Musk, Apple, Uber, and many other high-profile Twitter users fell victim to an attack on Twitter. Tweets sent from those hijacked accounts each promoted an advance fee cryptocurrency scam, promising to double the value of Bitcoin currency sent to one specific wallet. By late Wednesday night, Twitter released a series of tweets explaining the compromised accounts were the result of a social engineering attack.
Twitter locked down thousands of verified accounts, including the accounts of Joe Biden, Apple, Uber, and others, after it became clear that hackers had been able to compromise them.
But what exactly happened? Twitter’s internal investigation is still ongoing, but they did say that attackers had somehow compromised the company’s internal systems and secured employee privileges. Social engineering is a big part of cybersecurity risk as it involves little to no technical knowledge at all, all It requires is some base level information about the person you are trying to compromise.
Earlier this week Twitter said it will be “rolling out additional company-wide training to guard against social engineering tactics to supplement the training employees receive during onboarding and ongoing phishing exercises throughout the year”
This case shows that no matter how big your company and how many resources you can pour into aspects of your business, you can never be 100% sure that you are completely safe.
At Cyber Wise we have a wide variety of training courses based around social engineering that we can provide your employees with as well as simulated phishing attacks teaching them the tell-tale signs of a scam. If you would like to learn more, contact us today to arrange your risk-free trial.