Personal Email Sharing on Twitter Lets Scammers Run Rampant
Sharing your email address on Twitter could open you up to targeted phishing campaigns.
Twitter is a fantastic platform for scouring the Web, receiving real-time updates on breaking news and sharing the details of your day. It's also a perfect stepping stone for scammers looking to fleece you out of your confidential information like your bank account details.
Researchers at the security firm Websense monitored Twitter for a 24-hour period this month, and found that in that brief span, more than 11,000 personal email addresses were published and made openly available to anyone browsing the social networking site.
Business leaders, celebrities and journalists were all found sharing their addresses.
"Twitter users blindly think that email addresses are safe for public consumption," Carl Leonard, security research manager at Websense, told SecurityNewsDaily in an email. "However, by publicly tweeting your email, you're connecting it with your name, location and information on your social graph."
Establishing that connection could give online attackers a leg up in successfully convincing you to divulge other personal information.
Websense researchers also conducted geo-targeted searches, and found that more than 30 email addresses were shared every hour in London.
With your email address in their hands, criminals can more carefully craft targeted phishing campaigns, called "spear phishing emails," that leverage the information they've obtained to make the phony messages appear convincing.
So rather than opening your inbox to a blatantly phony email — it doesn't use your name and has no pertinent information about you — spear phishing emails will come personally addressed to you and often include the names of your closest friends or work associates, details only a trusted source would know.
"This collecting of data can also allow criminals to compromise email accounts, pacing the way for further malicious activity including accessing bank accounts, harvesting additional passwords and launching major spam campaigns," Leonard said.
The first piece of advice in keeping your private information safe is to never post your email address on Twitter; if you need to send it to someone, use the direct messaging (DM) feature. Also, just because a message appears safe at first glance, you should still be skeptical of any email that asks for any sensitive information.
This story was provided by SecurityNewsDaily, sister site to TechNewsDaily.