[+] Wayc0de's Blog[+]

19/09/11

BBC Sport in Rugby World Cup Twitter spam slip-up

A compromised Twitter account has resulted in the embarrassing broadcast of a spam message via the BBC's website.

More and more TV stations are encouraging both their staff and their viewers to jump onboard the social media bandwagon, and use the likes of Twitter to interact and keep up-to-date with the latest developments. But if you don't take care, you may end up with some egg on your face.

Take, for example, BBC Sport's extensive online coverage of the Rugby World Cup, where alongside the match reports and videos you can also follow the latest tweets from the BBC's Rugby correspondents.



It sounds like a terrific idea - a great way for sports fans to keep up with the latest developments from the BBC's team of experts. But take a closer look and you'll find that Jim Mason, BBC Scotland's rugby correspondent, appears to have had his Twitter account compromised. Overnight it sent out a spam message encouraging people to investigate an Acai Berry diet.
Serious about shedding a few pounds? read this its interesting! [LINK]


Jim only has a few hundred followers of his Twitter account, so this spam won't have had a huge impact there. But because it has been syndicated to a much wider audience via the BBC's sports website it has the potential to reach many more people and - of course - increase embarrassment for the corporation.

Some 14 hours after the tweet first appeared, it still hasn't been deleted - and is still appearing on the BBC's website.

If you were to click on the link (I wouldn't recommend it) you would be taken to a website that poses as a news page, promoting the miracle Acai Berry diet.

[Image: Acai Berry diet spam website]

My guess would be that Jim's Twitter password has been phished. He should change it immediately, and ensure that he is not using the same password on any other website.

And if you're a media organisation - consider how you're going to handle an unauthorised Twitter message appearing on your website. This time it was just spam, but it could have been something much more malicious.

nb : nakedsecurity.sophos
