On Saturday, we learned that Twitter was hacked. The company rushed to reset the passwords of those affected by the breach, but experts warn that the cybercriminals might use the information they have stolen for other malicious campaigns.
Sophos has published an interesting advisory to inform users on how the attackers might leverage the usernames, email addresses, passwords and session tokens they have stolen. The firm also provides some valuable advice on what internauts can do to protect themselves.
First of all, it’s important to know that cybercriminals can use the stolen information in several ways. They can utilize the email addresses for spam campaigns and even for targeted attacks whose main goal is to get recipients to click on malicious links or open attachments.
In addition, the session tokens could be used to hijack accounts, but that’s only until the user or the hacker logs off.
Furthermore, the attackers might try to crack the passwords. Even if the passwords have been changed on Twitter, the information might still be valuable considering that many people use the same passwords for multiple accounts.
This brings us to the next important step that must be taken by affected Twitter customers. Changing the passwords of just the social media account is not enough, especially if the same one is utilized for more than one account.
Those who want to set different, strong passwords for each of their online accounts, but can’t remember them all, can turn to special software such as LastPass, KeePass or 1Password. Alternatively, they can use the password managers integrated into most modern browsers.
There’s one more thing Twitter members should be worried about. According to Sophos’ Graham Cluley, it's possible that we might see fake Twitter emails landing in our inboxes.
“Users might be tricked into believing that they are really messages from Twitter telling them that their account was compromised in the hack, and click on links without thinking of the possible consequences,” Cluley explained.