Twitter has revealed the scale of its spam problem for the first time as part of its briefings to U.S. congressional staff as it probes online campaigns to influence the 2016 U.S. election. 'On average, our automated systems catch more than 3.2 million suspicious accounts globally per week -- more than double the amount we detected this time last year,' the social network said. It also outlined for the first time the measures it uses to deal with the issue, from automatically blocking suspicious attempts to log in to banning'bad actors'. Twitter also outlined for the first time the measures it uses to deal with the issue, from automatically blocking suspicious attempts to log in to banning'bad actors'. Systems catch more than 3.2 million suspicious accounts globally per week Twitter said on Thursday it had suspended hundreds of Russian-linked accounts and would ramp up enforcement of its spam rules.
Bots are a thriving part of Twitter's user base, and it's likely they'll continue showing up alongside our own human tweets. Twitter bots can be thought of as autonomous programs or entities that generate social content. Some of this content is harmless, like sports updates, and some of it intentionally malicious and polarizing -- like the over 1,600 known bots that tweeted extremist right-wing views during the polarizing 2016 campaign, explored in a recent report from Bloomberg. The influence of bots is strong, and much of this strength comes from sheer numbers. Earlier this year, researchers from the University of Southern California and Indiana University suggested that between nine and 15 percent of of Twitter users are actually bots.
Millions of National Lottery players have been urged to change their passwords following what parent company Camelot describes as "suspicious activity" involving lottery accounts. Camelot, which runs the National Lottery, insists there's been no access to core systems or databases which would affect lottery draws or prizes, but has recommended that its 10.5 million registered users change their passwords following a number of unauthorised logins. A Camelot spokesperson told ZDNet that the account breaches are thought to be as a result of "credential stuffing", a type of cyber attack where previously-stolen account details are entered into other websites in the hope that the victim uses the same username and password. In this instance, it means the affected National Lottery users have previously had their details stolen elsewhere and shared among cyber criminals. In an email sent to registered users, Camelot said it uncovered suspicious activity on some accounts as part of "regular security monitoring".
Microsoft said today that the number of people who use its passwordless login solutions has now reached 150 million, up from 100 million reported last November at the Microsoft Ignite conference. The number covers users of Microsoft online services like Azure, GitHub, Office, and Xbox, the company said, in a blog post celebrating World Password Day. This includes users who employ Windows Hello (fingerprint and facial recognition) to access Azure Active Directory (Azure AD) networks, and users who employ the official Microsoft Authenticator app and FIDO2-based security keys to log into various online accounts without passwords. Microsoft says that one of its current goals is to push and support users to adopt either multi-factor authentication (MFA) or passwordless login solutions to secure their accounts. The company cites the improved security features of an MFA or passwordless account when compared to accounts secured only by passwords, which most users tend to reuse, exposing accounts to easy hacks.
Why are the Windows and Android platforms always targeted by malware and other malicious attacks from nefarious hackers? Because they're used by so many people that the odds of a successful attack are dramatically increased compared to less popular platforms like macOS. For that same reason, Google's Gmail service is often the target of phishing scams that have become increasingly effective in recent years. Now, a new scam has been uncovered that may very well be the most well-executed scam in recent history, making it all too easy for victims to have their Google login credentials stolen. Via Lifehacker, the cyber security experts at Wordfence first brought this new scam to light earlier this year.