Twitter users at risk from targeted phishing attacks says Websense

Twitter users are putting theselves at risk because of the amount of personal information they reveal in tweets, says a security company.

Websense Security Labs said its research shows that many people leave themselves open to targeted scams because cyber criminals can easily harvest these details to target potential victims.

The security company said that research carried out over a 24-hour period in January 2011, showed that more than 11,000 email addresses were shared worldwide on Twitter, and in London, more than 30 addresses were shared per hour.

Websense added that people don't realise the criminals can use this and other information they glean via conversations to launch sophisticated highly targeted phishing attacks.

Carl Leonard, of Websense's  Security Labs said: "Twitter users blindly think that email addresses are safe for public consumption. However, by publicly tweeting your email, you're connecting it with your name, location and information on your social graph.

"Criminals can exploit this wealth of information by directing waves of highly targeted phishing attacks at individuals or businesses, masquerading as users' friends or associates to encourage them to click on malicious links.

"Together this collection of data can also allow criminals to compromise email accounts, paving the way for further malicious activity including accessing bank accounts, harvesting additional passwords and launching major spam campaigns."

The email accounts most at risk, according to Websense, are free web-based email services such as Gmail and Hotmail.

By harvesting social information put on Twitter it becomes easier to hack into these accounts. Some of the worst culprits for putting their details at risk are apparently journalists and celebrities.