2020 has been a huge year for security breaches. While most of us have spent much more time online during the pandemic, hackers, apparently, have too. But when billionaires like Elon Musk and Jeff Bezos get hacked, it can be depressing for our outlook on protection.
If some of the world’s wealthiest people, who made their billions in the technology field, can’t protect themselves, how can we expect to?
Fear not. There are still many ways you can up your security game.
Elon Musk and Jeff Bezos Get Hacked
July 15th might be the new Christmas for the hacking community. That’s because on that date, earlier this year, a pile of prominent names was hacked on Twitter in a Bitcoin payment scam.
Amazon CEO Jeff Bezos and Tesla CEO Elon Musk were among the accounts to be hacked. Other big names included Kayne West, Michael Bloomberg, Barack Obama, Joe Biden, and Bill Gates. Even the accounts for Apple, Coinbase, and Uber were breached.
Each verified account tweeted a message featuring a Bitcoin address, and the message that anyone who sent the address money would get double sent back to them.
Check out Elon Musk’s tweet below:
And this wasn’t the first time some of these people have been hacked.
In 2018, Jeff Bezos’ iPhone was hacked, allegedly by Saudi Arabian leader Mohammed bin Salman. It was suspected that Salman sent a file to Bezos that was loaded with spyware.
According to UN reports, the spyware exfiltrated data from Jeff Bezos’ phone in small increments over a period of months.
How These Attacks Were Pulled Off
Not long after the Twitter attacks happened, police had several suspects in custody. On July 31, 2020, police arrested a 17-year-old boy labeled as the “mastermind” behind the attacks. Several accomplices were arrested as well.
Twitter said that these hackers breached “a small number” of Twitter employees’ accounts. With that extra level of access, they could bypass the extra security features Elon Musk and Jeff Bezos likely had, gain access to them, and send the tweets.
The attackers gained access to the employees’ accounts by a spear-phishing technique.
How You Can Protect Yourself
The Twitter security breach of July was only able to happen because of human error. Twitter employees answered a spear-phishing email that likely asked them to share their login credentials.
Oftentimes, these emails contain a link asking you to log-in to your account. But the link in the email will send you to an imposter site that looks just like the site you expected to visit.
This entire attack could’ve been avoided if certain employees were more cautious.
Always avoid emails that ask you to log-in to your accounts unless you’re 100% certain they’re legit. These emails may tell you that your account has displayed suspicious activity, that there’s a problem with your payment information, or that you’re due a refund or a coupon.
Make sure you check and double-check the URL. And check your account to see if there are any notifications within it.
Unfortunately, once the hackers gained internal access to Twitter, there weren’t much the victims could do.
But assuming this type of occurrence is rare, there are ways you can protect yourself.
Start by using two-factor authentication. Also, make sure you use a strong, unique password. And don’t connect other apps to Twitter. For a full explanation of how to secure your Twitter account, check out this article.
If you’re concerned that, like Jeff Bezos, one of your devices contains spyware, learn how you can protect yourself against it.
And if you believe that you’ve been hacked, reach out to us immediately.
Featured image by (i) Lev Radin (ii) Vasilis Asvestas via Shutterstock. Image edited by Hacked.com.