PHISHING ATTACK CONTINUES TO RISE AS CRYPTO STILL STRUGGLES
Earlier on Monday, August 8, 2022, The Chief Executive Officer of Binance Exchange; Chengpeng Zhao made a tweet that kindled the interest of others in the crypto Twitter space. He described the situation as Unfortunate and seemed to rest assured it wasn’t going to be the last. What is the unfortunate events that have befallen the crypto space again, while still suffering from the Bear? Another Phishing attack. And this time it was directed at Twilio.
Many comments on this tweet had crypto users dishing out advice to other users to stick to Binance for asset safe holding, while others maintained that the crypto space hasn’t seen the last of it. Let’s take a look into the Twilio phishing attack that affected its Staff members and customers.
Twilio is a communication solution platform and company, which is based in San Francisco, California. Twilio provides programmable tools for communication which are used to make phone calls and also receiving. The platform also gives room for sending and receiving text messages and providing other avenues and solutions for communication.
Twilio ethos is hooked on the belief that customer data Security should be properly protected. Putting that into consideration, it provided an overview of the incident for transparency’s sake that the security of our customer’s data is of paramount importance, and when an incident occurs that might threaten that security, we communicate what happened transparently. To that end, we are providing an overview of this incident impacting customer information and our response.
The platform spotted unauthorized access to various information pertaining to a few customers. This happened on August 4, 2022. This came via an attack targeted at gaining access to the employee credentials of Twilio.
This sophisticated attack left the employees beguiled, as they gave out credible information without knowing. The phishers further used this obtained information to gain entry to Twilio’s internal systems, where they could access a number of customer data.
The nature of this attack was structured in a way that former and active employees received malicious text messages purporting to be from Twilio’s IT department. The format of the text advised the receivers Password had expired or the schedule changed, and they needed to visit a URL (Phishing link)
The attacker ensured to use a landing page similar to Twilio’s web page. According to Twilio, the threat was sophisticated because the attacker was able to match the phone numbers to the respective employees who owned them.
After Twilio confirmed the attack, it swung into action by revoking access to the employee accounts which were attacked. Twilio also contacted a leading forensics firm to assist with the investigation and bringing the culprits to book.
Twilio promised to steadily notify affected customers of their progress report on the case