Obscene hacked tweets, apparently from MPs Ed Miliband and Harriet Harman, should be a warning for all of us to be more careful online, say security experts
Cabinet minister Ed Miliband and Leader of the Commons Harriet Harman have fallen victim to Twitter phishing, with Miliband’s followers getting spam promising better sexual performance.
“Hhey, i’ve been having better sex and longer with this here”, said Miliband’s hacked Twitter account, but the MP quickly tweeted a message to his 6,664 followers saying: “Oh dear it seems like I’ve fallen victim to twitter’s latest ‘phishing’ scam.”
Harriet Harman told MPs on Thursday that her account had been hacked, sending messages without her knowledge, but the content of those messages has been left untold. Ms Harman smily said: “I wouldn’t ever send a tweet like that.”
Shadow Prisons Minister, Conservative MP Alan Duncan, who received Harriet Harman’s tweet, took it in good part, according to the Press Association, tweeting: “I did get a message in Harriet’s name, so I sent a friendly message back by text. A bit confusing, and all in my first week on Twitter.”
While the MPs have added to the amusement of the nation, we can also learn from their embarassment, according to Graham Cluley of security firm Sophos: “Miliband needs to do more than just tweet an explanation for his bizarre tweets,” said Cluely. “He also needs to change his password, and think long and hard about whether he is using that same password on any other websites.”
Cluley suspects Miliband has fallen foul of the Lol phishing attack doing the rounds, which followed other attacks on the micro-blogging site this month. The symptoms certainly look much more like Twitter hacking than the “scum-sucking pig” tweet which Labour MP David Wright claimed last week was the product of a hacker
One in three people admit to “playing Russian Roulette” by using the same password on every website they access, Cluley says – and the real figure may well be higher. “If Miliband makes that kind of mistake, then he has potentially opened up his email account, his eBay account, his PayPal and Amazon account… basically, his entire online life could be handed over to hackers.”
Miliband should also check his Twitter settings, Cluley warns, as the hacker may have also given other applications access to his account: “If there are any third party applications he doesn’t recognise listed, he should revoke their permission to access his account as soon as possible.”
MPs have also been warned, by Labour MP Janet Anderson about another problem – an organisation which had apparently set up “fake” Twitter accounts in the names of all North West MPs, the Press Association reported.