Does this mean Target's twitter was successfully attacked?
43 votes
I was just surprised to see this suspicious promoted tweet, asking me to send Bitcoins.
I added the hand-drawn red lines so I am not responsible for propagating the apparent scam.
Clicking on the user name seems to take me to the genuine Target page with the verified checkmark.
Clicking on the link to the tweet (i.e. "40m") gives me an error that the tweet no longer exists.
Clicking on the URL goes to a page that looks like the screenshot, and a list of transactions.
Is it fair for me to conclude: Target lost control of their Twitter account to an (internal or external) scammer, who is ripping off people who think they are having a give-away?
Is there another way their username could appear advertising a scam without access to their Twitter account credentials?
social-engineering bitcoin twitter social-media
asked Nov 13 at 11:34
Oddthinking
10
Is the screenshot from twitter.com? Did you check that HTTPS was used? But yeah, it sure looks like someone abused their account.
– Anders
Nov 13 at 11:49
10
Yes, it is from Twitter. Yes, it is https, and Chrome is happy with the certificate.
– Oddthinking
Nov 13 at 11:56
6
Then indeed Target has had their Twitter account hacked.
– forest
Nov 13 at 11:57
5
All that technical analysis and no mention of the atrocious grammar? I know that the art of writing well is quickly going the way of the dodo, but usually the PR folks manage to get it reasonably close.
– FreeMan
Nov 13 at 20:47
3
@FreeMan: That the tweet was suspicious wasn't the question. I was going to go on social media in response to say "Hey look! I was almost scammed by Target" when I realised I wasn't an authority on this, and it might be something else - e.g. I was running malware which was attacking my Twitter page, or it was a fake Twitter account that just looked like Target's, or...
– Oddthinking
Nov 14 at 0:00
2 Answers
67 votes, accepted
Yes, Target did have their account hacked. In fact, quite a lot of verified account holders have been hacked to further this scam. The scammers do this to impersonate other accounts, including Elon Musk's, by changing their name while retaining their verified status. In this case, it just looks like the scammer is using Target's account directly. This scam has made the hackers over $150,000.
The Elon Musk scam is the most well-known now, but it appears Target was caught as well.
edited yesterday
answered Nov 13 at 13:51
forest
20
Is it just me, or does it seem to anyone else that Twitter could prevent this really easily just by disallowing name changes for verified accounts (except when manually reviewed)?
– Wildcard
2 days ago
4
@Wildcard That wouldn't protect from the fact that the verified accounts themselves got hacked. So sure, you couldn't have a verified account impersonate Elon Musk, but if you hacked Target's account (as happened here), you can still use it to further the scam.
– forest
2 days ago
17
@forest, right, but right now there's a security hole allowing so-called "verified" users to impersonate other verified users and appear as though they were verified to be those other users. (As in the Elon Musk impersonators.) This makes "verified" a meaningless attribute.
– Wildcard
2 days ago
8
And by "hacked" do we just mean their password was guessed?
– Lightness Races in Orbit
2 days ago
4
"This scam has made the hackers over $150,000." It still amazes me that in 2018 this kind of scam (send 1, receive 10) still works.
– Michaël Polla
2 days ago
31 votes
Target has since confirmed my suspicion:
Hard Fork article
“Early this morning, Target’s Twitter account was inappropriately accessed” a company spokesperson told Hard Fork in an email. “The access lasted for approximately half an hour and one fake tweet was posted during that time about a Bitcoin scam.”
“We’re in close contact with Twitter, have deleted the tweet and have locked the account while we investigate further,” the retail giant further told Hard Fork. Unfortunately, the origin of the breach remains unclear.
Other reports of the incident include:
USA Today
The Next Web
ZyCrypto
CryptoNews
answered Nov 13 at 15:24
Oddthinking