Tweeters reveal personal details including email addresses

News by SC Staff

More than 11,000 email addresses were published on Twitter over a 24-hour period.

More than 11,000 email addresses were published on Twitter over a 24-hour period.

According to research by Websense Security Labs, users of the microblogging website are putting themselves at risk of phishing scams by broadcasting their personal details, with some publicly sharing social media identities and bank account details.

Its geo-targeted searches found that in London alone, more than 30 email addresses were shared every hour. This research was conducted in January 2011, and business leaders, journalists and celebrities were all found to be publicly sharing the data.

Carl Leonard, security research manager at Websense Security Labs, said: “Twitter users blindly think that email addresses are safe for public consumption. However, by publicly tweeting your email, you're connecting it with your name, location and information on your social graph.

“Criminals can exploit this wealth of information by directing waves of highly targeted phishing attacks at individuals or businesses, masquerading as users' friends or associates to encourage them to click on malicious links.

“Together this collection of data can also allow criminals to compromise email accounts, paving the way for further malicious activity including accessing bank accounts, harvesting additional passwords and launching major spam campaigns.

“Businesses employing social media to communicate with customers need to consider ways to ensure that employees are protected from these new threats. Employers should re-evaluate acceptable use policies to discourage staff from sharing email addresses on Twitter.”

Websense claimed that Gmail, Hotmail and other free web-based email services are particularly under threat, as attackers can harvest social information on individuals via Twitter to break into these accounts.

It recommended using direct messages (DMs) for sending email addresses to contacts on Twitter, and to update acceptable use policies to warn employees about sharing email addresses.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews