Study Says Hackers Can Attack Social Logins to Impersonate You

TIME

Social logins like the kind used by Amazon and LinkedIn can provide an easy entry point for hackers to gain access to your accounts on various websites, according to new research from IBM’s security team.

Websites often ask users for third-party social logins to post comments, with Facebook and Twitter among the most common logins users use. IBM, however, found that certain social logins can be commandeered by a hacker to post misleading information or malicious software on some sites that use them.

The hack, dubbed SpoofedMe, works like this: A hacker registers a new account on a login platform with a victim’s email address. The hacker then uses that account to sign in to a third-party website (like Nasdaq.com or SlashDot.org), posing as the victim.

IBM’s team found that Amazon and LinkedIn’s social logins were vulnerable to SpoofedMe before they warned those companies earlier this year. LinkedIn has…

View original post 143 more words

Advertisements

Leave a comment

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: