DigitalOcean

Report this

What is the reason for this report?
Question

Social Engineering. Any protocols in place to prevent it?

Posted on January 29, 2014
haltercameron12

By haltercameron12

After just recently reading an article about a recent social engineering attack on a twitter user involving Godaddy and Paypal; I was curious to find out what protocols DigitalOcean has in place to prevent these attacks. It’s pretty concerning since OTP was enabled and someone still managed to gain control of his Godaddy and Twitter account.

It’s a pretty interesting read: http://gizmodo.com/how-i-lost-my-50-000-twitter-username-1511578384



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
4e3b97994aa14af2be3faa0a0b3ed8
4e3b97994aa14af2be3faa0a0b3ed8
January 30, 2014

Yes. Common sense and two-factor authentication! I think that’s what you meant by OTP (One Time Password)? But the author said he only had it on for his PayPal account. He said the attack vector started through Facebook, they changed his gmail account, and hacked his twitter. If he’d have have <br> <br>PLEASE let this be a lesson for everyone - ENABLE TWO FACTOR AUTHENTICATION EVERYWHERE YOU CAN! MY DigitalOcean account has it, my Cloudflare account (which handles the MX records) has it, my Facebook, Twitter and Gmail accounts all have it. Yes, it’s one more thing to do when logging in, but it makes you virtually hackproof. <br> <br>The user in that post wasn’t hacked because of any system failure or missing protocols; he was hacked because he didn’t use the 2FA (call it OTP, TSA, two-step-authentication or whatever) that is provided for all of the services he uses, including GoDaddy.

0
4e3b97994aa14af2be3faa0a0b3ed8
4e3b97994aa14af2be3faa0a0b3ed8
January 30, 2014

Can’t find the edit button - no idea what happened to last sentence of para 1, but it should finish “if he’d have enabled two factor authentication, it couldn’t have happened”.

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2025 DigitalOcean, LLC.Sitemap.