Twitter CEO Jack Dorsey’s Twitter Account Hack: Cybersecurity Expert Explains

This incident is a perfect example of the risks associated with communication – any form of communication – when sender identity is not authenticated. A hacker or hackers were able to take over or spoof Jack Dorsey’s phone number, probably by impersonating him in a call to his mobile service provider. The spoofed tweets sent through Dorsey’s account are despicable and offensive, yet far greater damage can be done using similar techniques. We see this play out over and over again with email communication. A hacker leverages impersonation to send extremely convincing spear phishing emails to a company employee, and in no time, fake invoices are paid, consumers’ data exposed, wire transfers are made to fake companies - the list is endless. To stop these attacks, we must focus on validating and authenticating sender identity, no matter the form of communication. With email, we can do this by taking steps like properly enforcing DMARC and implementing advanced anti-phishing solutions that confirm senders’ identities before allowing emails to enter employees’ inboxes. Until we prioritize these initiatives as a society, we will continue to see attacks and an erosion of trust in our main forms of communication: phone, text, email, and social media.  Read Less