Phishing is basically carried out by an email and it directs users to enter details on a fake website that looks authentic and almost identical to the original website for the purposes of information or identity theft.
“There was a phishing email sent to the account and the user or administrator of the Twitter account was basically tricked to give the password,” Nicolai Solling, director of Technology Services at help AG, told Gulf News
The Dubai Police official Twitter account was hacked on Sunday night by a group, which identified itself on Twitter as @TheHorsemenLulz and wrote a message that reads it hacked the account because it was “spying on you.”
“I don’t have any information about what they [@TheHorsemenLulz] want, but it is clear that it is politically driven. So the information they have posted is loosely linked to some Anonymous hacker group,” he said.
Their [hackers] main motivation, he said, is to ensure that the victims lose credibility and lose reputation rights.
He said the same thing happened to the Qatar Domain Registar’s portal and the user was lured to give the password.
Syrian Electronic Army attacked Qatar platform on October 19, 2013, and changed the DNS records of many government, private and military websites for about a day.
“Phishing attempts can happen in many different ways and it will be difficult to give a solution to protect all the different kind of attacks,” Solling said.
The best value for money is “security awareness training.” The person administrating the account need not be an IT expert. So “the account users need to be given the basic security awareness training against these kinds of suspicious attacks,” he said.
Attacks on social media platforms will increase as the number of users are increasing day by day. Last year, cybercriminals targeted oil companies, financials, governments and mobile phones for various interests of Hactivism — political and financial objectives — but this year mobile phones, virtual currencies, social media platform, vulnerabilities above and below operating systems are the major targets.
Pradeesh V.S., General Manager at ESET Middle East, said that banking and government sectors will remain the main targets for attackers and there are new targets emerging on account of the popularity of new services. Of these, e-commerce will no doubt stand out.
Spam is still a main source for finical gains for cyber criminals and they are going to investment more in spam by creating more botnets for sending spam emails. Besides spam emails, an increase in spam in chat clients and mobile messaging applications as well as in social networks are expected to grow. Global spam volume had increased to 125 per cent in 2013. Much of it is the legitimate marketing firms purchasing and using mailing lists from less reputable sources.
In a single month now “we see around one trillion legitimate emails and four trillion spam messages. This trend is likely to continue as email is still the primary method of all communications,” Vibin Shaju, presales regional manager at McAfee MENA, said.