Welcome to WebmasterWorld Guest from 54.162.12.134

Forum Moderators: rogerd

Message Too Old, No Replies

Twitter Identifies File Sharing Username and Password Scam

     
2:33 pm on Feb 3, 2010 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



Twitter Identifies File Sharing Username and Password Scam [news.bbc.co.uk]
Twitter has identified a scheme that uses compromised file-sharing sites to steal the log on information of users.

The service said it had discovered a number of compromised "torrent" sites that had been set up specifically to skim usernames and passwords. Torrent sites acts as indexes of links to TV, film and music files. Scammers were then able to use the data to gain access to Twitter and other sites because many people use the same logon for multiple services.

The firm has reset the accounts of affected users, it said.

"The takeaway from this is that people are continuing to use the same email address and password (or a variant) on multiple sites," the firm said in a blog post.

2:57 pm on Feb 3, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Twitter reset my password yesterday. The email stated that my account may have been compromised in a phishing attack that took place off-Twitter.

However, I have not seen any unauthorized posts though, and I only connected my Twitter account to trusted sites (feedburner, tweetmeme, etc). And I never use file sharing, music sharing or movie downloads.

But well, they say reset your password so I reset my password :o)
3:11 pm on Feb 3, 2010 (gmt 0)

10+ Year Member



If you use the same password at other sites, I would take it as a warning to change your password at all of them as well.
7:03 pm on Feb 3, 2010 (gmt 0)

WebmasterWorld Senior Member g1smd is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



Use software like Keepass to store your online passwords, and choose a new and different password for every site and service that you use and access.
9:58 pm on Feb 3, 2010 (gmt 0)

10+ Year Member



as g1smd suggested, keepass is great! Remember one good password and then copy / paste highly secure passwords from keepass. I personally save Facebook's password in firefox but I only use that password for Facebook and if it ever got compromised I'd change it. I change all my passwords once or twice a year anyways for additional security.
11:41 pm on Feb 3, 2010 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Agreed that software to manage different passwords is the way to go. Needs to be encryption in there somewhere. I use a little Java program for this now but would like something easier to use. Every time this comes up I tell myself I'll use [clipperz.com...]
Would still memorize my bank password and any other super-critical ones but I've gotta think the ease of using many many many different passwords for 'medium security' sites with Clipperz has to outweigh any risk of storing the info (encrypted!) online. Right!?
5:01 am on Feb 4, 2010 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member



Impressive, Twitter staff is able to see the backend of torrent sites and make strong accusations and tie it in with specific twitter users, not to mention modify the twitter users account?

You know this stuff is going on, more and more "big" sites work with authorities to keep an eye on you/everyone, but the net feels increasingly UNsafe when you realize the "good guys" can do what the "bad guys" do even if under a veil of good will.

NOT giving up privacy, to good guys or bad, is near impossible these days and that's the real problem.
6:28 pm on Feb 4, 2010 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



Good reasons for changing your passwords [status.twitter.com]
As part of our ongoing efforts to monitor our user base for odd activity, we noticed a sudden surge in followers for a couple accounts in the last five days. Given the circumstances surrounding this, we felt it was best to push out a password reset to accounts that were following these suspicious users.
 

Featured Threads

Hot Threads This Week

Hot Threads This Month