Feb 2, 2010

Are you at risk from the Twitter phishing scam?

TechCrunch reported today that Twitter has locked many users out of their accounts this morning requiring them to reset their password due to concerns of a possible phishing attack: VIEW TECHCRUNCH ARTICLE

The real panic for users isn't so much that their Twitter accounts might have been compromised, but rather that they might have used the identical password with other websites.

If you used LastPass to automatically login to Twitter you are immune from the above mentioned phishing attack since LastPass will only auto-fill and auto-login to sites with a matching domain name. LastPass knows never to send your confidential information to any rogue site that is trying to impersonate twitter.com.

Phishing attacks on popular email and social networking sites seems to be dramatically increasing with no end in site. LastPass users should go one step further in protecting themselves against the next large scale phishing attack: take the LastPass Security Challenge to see what other sites might be at risk from duplicate passwords and then use LastPass to generate secure random passwords to protect your online identity.

6 comments:

  1. Twitter is silly anyway.

    "HEY GUYS, JUST POOPED"

    ReplyDelete
  2. I'm glad I'm cautious :D but the phishing scam just popped up automatically 10 times when I logged into lastpass. Am I already in trouble? Oh, and WHAT -- I'm using Ubuntu!!! seems like its a free-for-all on Operating Systems. I keep my system squeaky clean and I don't go to naughty websites and I don't share my computer, so either Lastpass has been compromised AGAIN or I've been screwed by Google -- I'm switching to KeyPass NOW.

    ReplyDelete
  3. Nope, it appears that I was on an untrusted network which apparently has something bad going on there. I switched to my home network and immediately found that when logging back into LastPass I had no pop-up tabs coming up on top of my previous tab (which would be "My LastPass Vault").

    ReplyDelete