If you think the only ones who fall for phishing and spearphishing scams are your grandmother and your pinhead neighbor, you’re wrong. It’s not uncommon for hackers to target executives, government officials, academics, or anyone else in order to access high-value data. Recently, the US Department of Justice announced that 8,000 professors from around the world had been hacked. Now, even more recently, Virginia Heffernan, an author, columnist, and all-around big thinker was a target. Her first-hand account of how it went down is a great–not to mention amusing–example of just how wily hackers can be when they have their sites on someone.
Heffernan subtitles her piece in Wired, “How a hacker weaponized flattery and took over my Twitter account” and that pretty much says it all. Her saga began when she received a direct message on Twitter from Larry Summers, who said he’d read one of her articles. He found it ‘astute,’ and was hoping she could provide feedback on one of his articles. Unfortunately, the message did not actually come from Larry Summers, but instead from a Zenci Musa, who claimed to be representing the Turkish Cyber Army Ayyildiz Tim.
Because Heffernan was expertly targeted with the right persona and the right type of message, it was easy to fall for. As she wrote in her article, “Would I look at an article of his and give him notes? Um, is spearphishing an internet scourge? Yes, I would.”
Suddenly her Google and Twitter accounts on laptop and phone had switched over to Turkish language and couldn’t be changed back. She could no longer read anything on the internet.
It’s not that Heffernan isn’t internet savvy. As her bio says, “In 1979 she stumbled onto the internet, when it was the back office of weird clerics….” But, social engineering has been able to evolve in a big way because of all the data available through social media and other online sources. Consequently, hackers have learned how to craft credible ways to dupe victims.
Get the full story at Wired.