The Limited Times

Now you can see non-English news...

Cybercriminals take advantage of the chaos on Twitter to launch phishing campaigns

2022-11-29T09:39:58.501Z

In recent weeks, cases of fraud using account verification and Twitter Blue as lures to steal user credentials have increased, according to cybersecurity firm Proofpoint.



Since Elon Musk closed the purchase of Twitter at the end of October, there have been cybersecurity problems related to the platform.

Twitter Blue, the paid subscription service that was launched earlier this month in the United States, Canada, Australia and New Zealand and through which the tycoon intended to offer the blue badge for verified accounts without actually verifying the user's identity, as was the case until now, it became unavailable in the face of a wave of impostors and identity theft.

However, this has not been the only chaos that has arisen as a result of the new leadership in the company;

According to the cybersecurity company Proofpoint, since the acquisition took place, its researchers have “observed a considerable increase in phishing campaigns related to this social network.

Specifically, cybercriminals are using account verification and the new Twitter Blue product as lures to steal Twitter credentials."

Of course, these attacks are not targeting users in general, but "are usually directed at public figures or those related to the media, including journalists, who are the ones who may have verified accounts."

As the company points out, the email address is sometimes available in the Twitter biography or coincides with the username, “so it is easy for scammers to get to”.

Even so, as in any possible case of phishing, caution is recommended: "The subject lines of these emails usually refer to the payment of the new premium subscription introduced by Musk and in the content there are usually Google forms for the collection of data and URLs that direct to websites managed by cybercriminals”.

In other cases of fraudulent campaigns, Twitter has recommended consulting the @TwitterSeguro and @TwitterSafety accounts (although since Musk's arrival they have not been published again), the Help Center articles (where there are spaces that address how to identify fake emails and tips to improve account security) and his blog.

It's important not to download any attachments or click links, or share login information outside of the official Twitter forms.

Proofpoint insists on the danger that the profiles that are being victimized are of special public relevance: "These compromised accounts are then used to spread false information, incite other users to interact with malicious content and get scammed, or to promote more campaigns of phishing”.

Proofpoint's vice president of research and threat detection, Sherrod DeGrippo, explains that “it is not surprising that activity has increased in recent weeks.

It is very common for cybercriminals to use relevant news or topics to capture the interest of their target and thus increase the likelihood that they will interact with the content of the email.

You can follow

EL PAÍS TECNOLOGÍA

on

Facebook

and

Twitter

or sign up here to receive our

weekly newsletter

.

Source: elparis

All tech articles on 2022-11-29

You may like

Life/Entertain 2022-12-17T10:00:51.464Z
Life/Entertain 2023-01-26T15:21:31.266Z
Life/Entertain 2022-12-21T09:41:51.221Z
Life/Entertain 2023-01-19T15:42:13.967Z
News/Politics 2022-12-14T18:23:43.591Z

Trends 24h

Latest

© Communities 2019 - Privacy