Twitter announced Thursday that it adopted a new security technology that's aimed at cracking down on phishing, a popular method used by hackers to send emails to users that appear to be from a Twitter-related email address in order to gain access to their account information.
The San Francisco-based company said it started using DMARC, a security protocol, earlier this month to prevent bad actors from sending emails to users from a poser Twitter.com email address. DMARC — which stands for Domain-based Message Authentication, Reporting & Conformance — cuts down on phishing attacks by allowing an email sender, such as Twitter, to indicate that their email messages are authenticated and also direct email providers to either reject a suspicious message or flag it as spam in a user's inbox, according to the security protocol's website.
In a blog post published Thursday, Twitter Postmaster Josh Aberant said the company hopes users feel more at ease when receiving emails from Twitter because of its adoption of the security technology.
"While this protocol is young, it has already gained significant traction in the email community with all four major email providers — AOL, Gmail, Hotmail/Outlook, and Yahoo! Mail — already on board, rejecting forged emails," Aberant said in the post. "We hope to see it gain more coverage for our users as even more email providers adopt it, and that it gives you more peace of mind when you get an email from us."
Twitter's announcement comes after the company revealed earlier this month that hackers attacked its website and may have gained access to personal information for roughly 250,000 users. The company said the attack "was not the work of amateurs," but "extremely sophisticated" hackers.In recent weeks, Facebook and Apple have also come forward about getting hit by hacker attacks.
A Twitter spokesman did not respond to a request for comment on whether the company decided to adopt the new email security protocol in the wake of the attack on its user data, or following the recent reports of hacks on tech companies.
DMARC was created by a group of organizations — including Google, AOL, Comcast, Facebook and PayPayl — to craft a method for combating phishing attacks on email accounts.
Cybersecurity experts have warned that spearphishing attacks, where a user is prompted to click on a poisoned link or attachment in an email that appears to be from someone they know, could be used to compromise sensitive computer networks and systems. During a cyberattack demonstration on Capitol Hill last year with senators, senior administration officials showed how a hacker could shut down New York City's power supply via a spearphishing cyberattack.
0 comments:
Post a Comment