Early Tuesday morning the Twitter account of the Australian Electoral Commission was hacked, and users started to receive messages from the compromised account. The hacker used the account to launch a phishing attack aimed at harvesting users' login details. Australian voters have been asked to ignore direct messages purportedly sent from the Australian Electoral Commission. Unsuspecting users received messages from the commission's hacked Twitter account containing a clickable link, with some messages reading “I found a funny pic of you!” Clicking the link takes the victim to a fake Twitter page for “authentication”. If the user fills in their login details, those details reach the hacker, and the newly hacked account can then be used to spread the phishing scam further and obtain more login details.
The commission, for its part, is not sure how its account was hacked but is taking security measures to stop such attacks from happening again. The password for the account will be changed daily from now on, and Twitter’s two-factor authentication will be used.
Two-factor authentication is a recently launched Twitter security feature in which the user’s account is linked to a mobile phone. The user needs to know the password for the account and, upon entering it, receives a security code by SMS on the linked mobile phone; that code is then needed to log in.