Trend Micro report exposes criminal uses of Twitter
Cybercriminals are abusing Twitter via tech support scams, command-and-control operations and data exfiltration, cybersecurity researchers have shown in a new report.
According to Trend Micro’s report, cybercriminals have been using fake Twitter accounts, imitating those of legitimate vendors, to create credible-looking tech support scams. Consumers call the fake phone number provided, believing they are speaking with the intended company’s help desk, and end up sharing credit card information or installing malicious content on their computer.
This is often part of a multiplatform strategy, where scammers have accounts on YouTube, Facebook, Telegram and other channels to improve their fake tech support website’s search ranking.
While criminals are using social media for evil, the report explains that threat researchers can harness its power for good. For example, Twitter is used for vulnerability disclosures to inform patch prioritisation and scanning for indicators of compromise, threat detection rules and other contextual information to boost threat intelligence.
Trend Micro Director and Data Scientist Jon Oliver said: “This research shows businesses how the misuse of social networks can damage their brand, and it informs consumers how they might be tricked into a scam from what is believed to be a trusted source.
“We hope by making these abuses known, both businesses and consumers can be vigilant to not become victims of such attacks.”
The company advised users can confirm a Twitter account’s validity by accessing the company’s website directly, rather than through the account. It added that security teams should validate Twitter data when leveraging it for investigations or threat intelligence.
Bitdefender launches endpoint security tool
Bitdefender has launched its new GravityZone PHASR pre-emptive endpoint security solution in...
Sophos launches security advisory services in Australia
Sophos has introduced a range of security advisory services designed to detect and remediate...
Macquarie Telecom announces integration with Netskope
Macquarie Telecom has arranged to integrate its SD-WAN offering with Netskope's Security...