Wendi Deng hoax highlights Twitter security dangers

A hoax involving a Twitter account supposedly belonging to the wife of News International chief Rupert Murdoch has led experts to question the security and fraud protections on the popular microblogging site.

An anonymous writer behind the @Wendi Deng feed has confirmed that the account once verified by Twitter as authentic is a parody feed written from the perspective of the media mogul's wife.

"Verifiably not @rupertmurdoch's wife. Unless you're Twitter. Or News International. SPOOF ACCOUNT," the author wrote.

The feed was recently declassified as a verified account by Twitter. The company uses the verified status and its associated blue checkmark logo to assure users that celebrity feeds are in fact authentic and not written by third parties.

"We can confirm that the @wendi_deng account was mistakenly verified for a short period of time and apologise for the confusion this caused," the company said in a statement.

The security and authenticity of celebrity Twitter feeds has been an ongoing concern for the company. Celebrity accounts have not only fallen prey to impersonators and scammers, but also to hackers looking to take control of high-profile accounts for malware and spam operations.

Twitter has adopted a number of measures aimed at improving security, such as the use of secured connections and mobile security components.

The company may, however, need to take additional steps to ensure that verified accounts are in fact authentic.

Sophos senior technology consultant Graham Cluley said that the situation made a mockery of the company's verified accounts platform.

"Questions need to be asked as to how the bogus Wendi Deng's account ended up verified by Twitter, when it appears that the brainbox behind the mischief never asked them to approve the account," Cluley noted in a blog post.

"And although no harm was done on this occasion, it's possible to imagine how someone with more malicious intentions could have taken advantage of the situation."