Well, not First Direct themselves - their Twitter account.
When I received the DM from Amanda Brown and Rebecca Hirst sent ‘only to me’, I got quite excited.

At first I thought, whoa - it was never a First Direct Twitter account in the first place, but after checking some previous tweets they all looked pretty legit, so obviously they had been hacked.
Then came FD’s tweets confirming it…

I’d still be very interested in knowing how it happened, more than very interested in fact. If it was just a crap guessable password that’s worrying in itself, anything more clever is even more worrying.
Fortunately the dumb crackers used it to promote medicine that helps in a certain type of stamina, immediately causing alarm bells.
Imagine if they had set up an FD-looking page with some dodgy offers - the phishing potential could have been huge! (edit: well, not huge, there are only 850-ish followers of http://twitter.com/first_direct )
I would probably have trusted a page linked from a trusted Twitter account like First Direct and I’m normally pretty good at keeping an eye on the URL!
It has warned me to be diligent about the legitimacy of corporate Twitter accounts.
This needs to be a warning to all banks who do want to engage with their customers in this way (and they should).
Could have been a lot worse!
Update - the Guardian explains all… http://www.guardian.co.uk/technology/2010/feb/26/twitter-hack-spread-phishing with some good advice
1 response so far ↓
Hi there I just wanted to drop in and say thank you for the insight in this post. I somehow stumbled on your blog while searching health and fitness related stuff in Yahoo… guess I got kind of sidetracked! Well, I’m off and many thanks for expressing your thinkings. I’ll be back again at some point to see your new articles. See you later!