The Financial Times became the latest news agency to fall prey to the Syrian Electronic Army, the hacking group which has claimed the social media scalps of the AP, The Onion, the BBC, and NPR, perhaps signaling that news outlets should be more like The Onion and come clean about how they're getting hacked.
Thankfully, Friday's hack was minor compared to SEA's most game-changing hack to date—declaring that the White House had been attack, which then caused the markets to dive for a few seconds. "Twelve posts entitled “Hacked by the Syrian Electronic Army” appeared on the FT’s tech blog between 12.38pm and 12.42pm London Time on Friday, with official Twitter feeds also disrupted," The Financial Times self-reported. The news outlet has secured its accounts and the posts have been deleted.
But what's sort of worrisome is that the FT now joins some of the biggest media players in the world as victims of the Syrian Electronic Army. "The attack against the FT follows dozens of other Syrian Electronic Army attacks on the social media accounts of news outlets including The Guardian, the BBC, NPR, Reuters and The Associated Press," reports The New York Times's Nicole Perlroth.
FT spokespeople haven't said how the hackers got in, but the method researchers say the hackers are using is a simple phishing scheme—an email which asks journalists to click on a shady link. "Once clicked, the link redirects employees to a fake Google or Microsoft mail site that asks the employee for their user name and password," Perlroth reported. The Onion reported as much last week, when it explained exactly how it was hacked and showed off the e-mail one of their own possibly clicked:
Again, we're not sure how exactly the FT was hacked, but we could see how someone could get fooled by the @unhcr (United Nations High Commissioner for Refugee) address. And it's perhaps time The Onion's advice should be taken seriously.