Once again, a well-known media establishment has fallen victim to the hackers of the notorious Syrian Electronic Army (SEA).
This time it’s Forbes which has “published” an eyebrow-raising headline.
Hacked by the Syrian Electronic Army
The pro-Assad hackers claimed credit for the hack on the magazine’s official Twitter account, and also published a screenshot of the WordPress admin console used by Forbes to run its online blogs.
The damage extended beyond Forbes’s website, however, also encompassing the Twitter-hijacking of various bloggers who work for the publication as well.
For instance, here is what the Twitter account of Forbes blogger Samantha Sharf currently looks like:
Clearly someone in the Forbes social media team has been careless – perhaps they were duped into handing the keys to their online kingdom on a plate to the SEA after the hackers sent a convincing-looking phishing email?
It would seem that Forbes has angered the Syrian Electronic Army with its investigations and reports into the hacking group.
The Syrian hackers’ techniques are hardly sophisticated, but there’s no doubting that they work.
All organisations would benefit from training their users to be on their guard against potential phishing attacks, and putting into place best practices (two factor authentication, different passwords for different websites etc) to better protect accounts.