Trend Micro report exposes criminal uses of Twitter

Thursday, 01 August, 2019

Trend Micro report exposes criminal uses of Twitter

Cybercriminals are abusing Twitter via tech support scams, command-and-control operations and data exfiltration, cybersecurity researchers have shown in a new report.

According to Trend Micro’s report, cybercriminals have been using fake Twitter accounts, imitating those of legitimate vendors, to create credible-looking tech support scams. Consumers call the fake phone number provided, believing they are speaking with the intended company’s help desk, and end up sharing credit card information or installing malicious content on their computer.

This is often part of a multiplatform strategy, where scammers have accounts on YouTube, Facebook, Telegram and other channels to improve their fake tech support website’s search ranking.

While criminals are using social media for evil, the report explains that threat researchers can harness its power for good. For example, Twitter is used for vulnerability disclosures to inform patch prioritisation and scanning for indicators of compromise, threat detection rules and other contextual information to boost threat intelligence.

Trend Micro Director and Data Scientist Jon Oliver said: “This research shows businesses how the misuse of social networks can damage their brand, and it informs consumers how they might be tricked into a scam from what is believed to be a trusted source.

“We hope by making these abuses known, both businesses and consumers can be vigilant to not become victims of such attacks.”

The company advised users can confirm a Twitter account’s validity by accessing the company’s website directly, rather than through the account. It added that security teams should validate Twitter data when leveraging it for investigations or threat intelligence.

Image credit: ©èque

Related News

Claroty uncovers VPN product vulnerabilities

Claroty said it has found and reported critical vulnerabilities in three popular VPN products...

93% of security pros lack the needed tools

Most security professionals lack the tools to detect known security threats and close known...

UNSW raises $1.3 million for IoT cybersecurity start-up

The new company, CyAmast, is based on software developed by Dr Hassan Habibi and his research...

  • All content Copyright © 2020 Westwick-Farrow Pty Ltd