Trend Micro report exposes criminal uses of Twitter

Thursday, 01 August, 2019

Trend Micro report exposes criminal uses of Twitter

Cybercriminals are abusing Twitter via tech support scams, command-and-control operations and data exfiltration, cybersecurity researchers have shown in a new report.

According to Trend Micro’s report, cybercriminals have been using fake Twitter accounts, imitating those of legitimate vendors, to create credible-looking tech support scams. Consumers call the fake phone number provided, believing they are speaking with the intended company’s help desk, and end up sharing credit card information or installing malicious content on their computer.

This is often part of a multiplatform strategy, where scammers have accounts on YouTube, Facebook, Telegram and other channels to improve their fake tech support website’s search ranking.

While criminals are using social media for evil, the report explains that threat researchers can harness its power for good. For example, Twitter is used for vulnerability disclosures to inform patch prioritisation and scanning for indicators of compromise, threat detection rules and other contextual information to boost threat intelligence.

Trend Micro Director and Data Scientist Jon Oliver said: “This research shows businesses how the misuse of social networks can damage their brand, and it informs consumers how they might be tricked into a scam from what is believed to be a trusted source.

“We hope by making these abuses known, both businesses and consumers can be vigilant to not become victims of such attacks.”

The company advised users can confirm a Twitter account’s validity by accessing the company’s website directly, rather than through the account. It added that security teams should validate Twitter data when leveraging it for investigations or threat intelligence.

Image credit: ©èque

Related News

Microsoft patches two new BlueKeep-like bugs

Microsoft patched four critical RCE vulnerabilities in the remote desktop services component of...

Mimecast maps cyberthreat landscape

Mimecast dug through over 67 billion emails rejected as spam, opportunistic and targeted attacks...

Cybercriminals set their sights on SMBs

Cyber attackers are turning their focus to SMBs as larger corporations tighten their security,...

  • All content Copyright © 2019 Westwick-Farrow Pty Ltd