BBC Sport in Rugby World Cup Twitter spam slip-up

Filed Under: Social networks, Spam, Twitter

A compromised Twitter account has resulted in the embarrassing broadcast of a spam message via the BBC's website.

More and more TV stations are encouraging both their staff and their viewers to jump onboard the social media bandwagon, and use the likes of Twitter to interact and keep up-to-date with the latest developments. But if you don't take care, you may end up with some egg on your face.

Take, for example, BBC Sport's extensive online coverage of the Rugby World Cup, where alongside the match reports and videos you can also follow the latest tweets from the BBC's Rugby correspondents.


It sounds like a terrific idea - a great way for sports fans to keep up with the latest developments from the BBC's team of experts. But take a closer look and you'll find that Jim Mason, BBC Scotland's rugby correspondent, appears to have had his Twitter account compromised. Overnight it sent out a spam message encouraging people to investigate an Acai Berry diet.

Serious about shedding a few pounds? read this its interesting! [LINK]

Jim only has a few hundred followers of his Twitter account, so this spam won't have had a huge impact there. But because it has been syndicated to a much wider audience via the BBC's sports website it has the potential reach many more people and - of course - increase embarrassment for the corporation.

Some 14 hours after the tweet first appeared, it still hasn't been deleted - and is still appearing on the BBC's website.

If you were to click on the link (I wouldn't recommend it) you will be taken to a website that poses as a fake news page, promoting the miracle Acai Berry diet.

Acai Berry diet spam website

My guess would be that Jim's Twitter password has been phished. He should change it immediately, and ensure that he is not using the same password on any other website.

And if you're a media organisation - consider how you're going to handle an authorised Twitter message appearing on your website. This time it was just spam, but it could have been something much more malicious.

, , , , , ,

You might like

2 Responses to BBC Sport in Rugby World Cup Twitter spam slip-up

  1. Lewis Wiltshire · 1076 days ago

    Hi Graham -

    Thanks for the alert. We'll get the tweet deleted. Because so many tweets fly through that module on our site (it only displays a few at a time as you can see) the tweet had gone before I spotted it, and so I was unaware of it (despite it still being on Jim's page, as you point out).

    You're right to highlight the wider issue though - touch wood, we have a very strong track record of our accounts not being breached, but that doesn't mean we are complacent, and I will remind all of our 'official users' of Twitter to change passwords regularly, and not click any URLs they are unsure of ... just the good practice stuff really.

    Appreciate the alert and the reminder.

    Lewis Wiltshire (Social Media Editor, BBC Sport). @LewisWiltshire

  2. Deborah Galea · 1065 days ago

    Hi Graham,

    Best security practice: only respond to direct messages and check out new followers by going to the Twitter website. Lately there have been reports of false Twitter notifications. By clicking on the links in these emails you could be infected with a virus or perhaps you might be asked to enter your Twitter credentials. Unwittingly you are not logging in to Twitter but instead providing your Twitter password to phishers.

    Deborah Galea, contributor to Email Security Blog: http://blog.policypatrol.com.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.