Does this mean Target's twitter was successfully attacked?












44















I was just surprised to see this suspicious promoted tweet, asking me to send Bitcoins



[Screenshot: Promoted tweet from Target]



I added the hand-drawn red lines so I am not responsible for propagating the apparent scam.



Clicking on the user name seems to take me to the genuine Target page with the verified checkmark.



Clicking on the link to the tweet (i.e. "40m") gives me an error that the tweet no longer exists.



Clicking on the URL goes to a page that looks like the screenshot, and a list of transactions.





Is it fair for me to conclude: Target lost control of their Twitter account to an (internal or external) scammer, who is ripping off people who think they are having a give-away?



Is there another way their username could appear advertising a scam without access to their Twitter account credentials?







social-engineering bitcoin twitter social-media
















asked Nov 13 '18 at 11:34









Oddthinking








  • 10





    Is the screenshot from twitter.com? Did you check that HTTPS was used? But yeah, it sure looks like someone abused their account.

    – Anders
    Nov 13 '18 at 11:49






  • 10





    Yes, it is from Twitter. Yes, it is https, and Chrome is happy with the certificate.

    – Oddthinking
    Nov 13 '18 at 11:56






  • 6





    Then indeed Target has had their Twitter account hacked.

    – forest
    Nov 13 '18 at 11:57








  • 5





    All that technical analysis and no mention of the atrocious grammar? I know that the art of writing well is quickly going the way of the dodo, but usually the PR folks manage to get it reasonably close.

    – FreeMan
    Nov 13 '18 at 20:47






  • 3





    @FreeMan: That the tweet was suspicious wasn't the question. I was going to go on social media in response to say "Hey look! I was almost scammed by Target" when I realised I wasn't an authority on this, and it might be something else - e.g. I was running malware which was attacking my Twitter page, or it was a fake Twitter account that just looked like Target's, or...

    – Oddthinking
    Nov 14 '18 at 0:00
























2 Answers








    68







    Yes, Target did have their account hacked. In fact, quite a lot of verified account holders have been hacked to further this scam. The scammers do this to impersonate other accounts, including Elon Musk's, by changing their name while retaining their verified status. In this case, it just looks like the scammer is using Target's account directly. This scam has made the hackers over $150,000.



    The Elon Musk scam is the most well-known now, but it appears Target was caught as well.














    edited Nov 15 '18 at 2:02

























    answered Nov 13 '18 at 13:51









    forest








    • 20





      Is it just me, or does it seem to anyone else that Twitter could prevent this really easily just by disallowing name changes for verified accounts (except when manually reviewed)?

      – Wildcard
      Nov 14 '18 at 1:29








    • 4





      @Wildcard That wouldn't protect from the fact that the verified accounts themselves got hacked. So sure, you couldn't have a verified account impersonate Elon Musk, but if you hacked Target's account (as happened here), you can still use it to further the scam.

      – forest
      Nov 14 '18 at 3:23






    • 17





      @forest, right, but right now there's a security hole allowing so-called "verified" users to impersonate other verified users and appear as though they were verified to be those other users. (As in the Elon Musk impersonators.) This makes "verified" a meaningless attribute.

      – Wildcard
      Nov 14 '18 at 3:48






    • 8





      And by "hacked" do we just mean their password was guessed?

      – Lightness Races in Orbit
      Nov 14 '18 at 11:03






    • 4





      "This scam has made the hackers over $150,000." It still amazes me that in 2018 this kind of scam (send 1, receive 10) still works.

      – Michaël Polla
      Nov 14 '18 at 12:51
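
The two cases distinguished in the answer and comments above, a verified account renamed to impersonate someone else versus a genuine account posting the lure directly, expressed as detection logic. This is an added example, not part of the original posts; the watch-list, the tweet record fields and the sample tweets are constructed assumptions, not Twitter's API or data.

```python
import re
import unicodedata

# Hypothetical watch-list: normalized display name -> handle that legitimately owns it.
PROTECTED = {"elonmusk": "elonmusk", "target": "target"}

# Three signals that together mark a "send 1, receive 10" lure (illustrative, not exhaustive).
CRYPTO = re.compile(r"\b(btc|bitcoins?|eth|ethereum)\b", re.I)
ASK = re.compile(r"\bsend\b", re.I)
PROMISE = re.compile(r"\b(give[- ]?away|giving away|receive|get back|double)\b", re.I)


def normalize(name):
    """Fold case, width and punctuation so 'Elon Musk' and a full-width variant compare equal.

    NFKC does not map cross-script look-alikes (e.g. Cyrillic letters); that needs a
    confusables table and is out of scope here.
    """
    folded = unicodedata.normalize("NFKC", name).casefold()
    return "".join(ch for ch in folded if ch.isalnum())


def is_giveaway_lure(text):
    """True when the text names a cryptocurrency, asks for a payment and promises a return."""
    return all(p.search(text) for p in (CRYPTO, ASK, PROMISE))


def classify(tweet):
    """Return the list of findings for one tweet record (dict with the fields used below)."""
    findings = []
    owner = PROTECTED.get(normalize(tweet["display_name"]))
    if owner is not None and tweet["handle"].casefold() != owner:
        # Display name claims a protected identity but the handle is someone else's.
        # A verified badge here is the renamed-account case from the answer.
        findings.append("verified-impersonation" if tweet["verified"] else "impersonation")
    if is_giveaway_lure(tweet["text"]):
        # Content check is independent of identity: it is the only signal that fires
        # when the genuine account itself posts the lure, as in the Target incident.
        findings.append("giveaway-lure")
    return findings


# Constructed sample records; handles and wording are made up for the example.
SAMPLE = [
    {"handle": "Target", "display_name": "Target", "verified": True,
     "text": "We are giving away 5,000 BTC! Send 0.2 BTC to the address below and receive 2 BTC back."},
    {"handle": "SomeVerifiedBand", "display_name": "Elon Musk", "verified": True,
     "text": "To celebrate, send 1 ETH and get back 10 ETH."},
    {"handle": "elonmusk", "display_name": "Elon Musk", "verified": True,
     "text": "Launch window opens tomorrow."},
    {"handle": "el0nmusk_", "display_name": "\uff25lon Musk", "verified": False,
     "text": "hello"},
]


def scan(tweets):
    """Map each handle to its findings, keeping only tweets that triggered something."""
    return {t["handle"]: f for t in tweets if (f := classify(t))}


if __name__ == "__main__":
    for handle, findings in scan(SAMPLE).items():
        print(f"@{handle}: {', '.join(findings)}")
```
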






















        31







        Target has since confirmed my suspicion:



        Hard Fork article




        “Early this morning, Target’s Twitter account was inappropriately accessed” a company spokesperson told Hard Fork in an email. “The access lasted for approximately half an hour and one fake tweet was posted during that time about a Bitcoin scam.”



        “We’re in close contact with Twitter, have deleted the tweet and have locked the account while we investigate further,” the retail giant further told Hard Fork. Unfortunately, the origin of the breach remains unclear.




        Other reports of the incident include:




        • USA Today


        • The Next Web


        • ZyCrypto


        • CryptoNews

















        answered Nov 13 '18 at 15:24









        Oddthinking





























