SMS enabled Twitter accounts are vulnerable to hackers who can send false Twitter updates simply by knowing the user’s associated mobile number. Hackers can also use this method to change user’s profile information.

The Tweet-by-SMS function is easily hacked by falsely authenticating the originating address of the tweet – otherwise known as spoofing. Twitter has recently fixed the security flaw for short code users, but long code users should enable PIN code authentication to avoid the security flaw, though this is not available for users in the United States.

Evidently, Twitter has known about the flaw and considers it an “old issue”. Facebook shared a similar security flaw but has already fixed the error. (Via Gizmodo)