Trend Micro report exposes criminal uses of Twitter

Cybercriminals are abusing Twitter via tech support scams, command-and-control operations and data exfiltration, cybersecurity researchers have shown in a new report.

According to Trend Micro’s report, cybercriminals have been using fake Twitter accounts, imitating those of legitimate vendors, to create credible-looking tech support scams. Consumers call the fake phone number provided, believing they are speaking with the intended company’s help desk, and end up sharing credit card information or installing malicious content on their computer.

This is often part of a multiplatform strategy, where scammers have accounts on YouTube, Facebook, Telegram and other channels to improve their fake tech support website’s search ranking.

While criminals are using social media for evil, the report explains that threat researchers can harness its power for good. For example, Twitter is used for vulnerability disclosures to inform patch prioritisation and scanning for indicators of compromise, threat detection rules and other contextual information to boost threat intelligence.

Trend Micro Director and Data Scientist Jon Oliver said: “This research shows businesses how the misuse of social networks can damage their brand, and it informs consumers how they might be tricked into a scam from what is believed to be a trusted source.

“We hope by making these abuses known, both businesses and consumers can be vigilant to not become victims of such attacks.”

The company advised users can confirm a Twitter account’s validity by accessing the company’s website directly, rather than through the account. It added that security teams should validate Twitter data when leveraging it for investigations or threat intelligence.

Image credit: ©stock.adobe.com/au/Graphithèque