Phishing attacks Twitter spoofs to steal account credentials

Phishing attacks Twitter spoofs to steal account credentials

A new phishing campaign that saw Unregulated Security try to deceive people with phony Twitter security alerts.

Image: GrafVishenka, Getty Images / iStockPhotos

Phishing scams are very popular among many cybercriminals because they are relatively easy to set up and use. Since the phishing emails usually impersonate a well-known company or brand, they have a good chance of catching unsuspecting victims who have accounts with the spoofed entity. A new phishing campaign investigated by security provider Abnormal Security shows how the attackers are taking advantage of Twitter users to steal account credentials.

SEE: Fighting phishing attacks on social media: 10 tips (Free PDF) (TechRepublic)

Explained in a recent blog post from Abnormal Security, this attack was aimed at a specific individual working at an organization that uses Twitter extensively. The goal was to contact this person with an emergency security alert in an attempt to obtain their Twitter password.

Using Twitter's brand name and logo, the original email signed Twitter's security warning by claiming that the recipient's account was used to log in to a different device in a different location, specifically a Windows 7 computer in Canada.

The email states that if the login came from the recipient, no action will be required. But the attackers may have realized that the machine or place would raise a red flag. In that event, the user was asked to click a link to verify their account.

twitter-phishing-scam -ormal-security.png

Image: Unconventional security

The link itself is abbreviated by text and leads to a redirect or two if clicked. The first redirect goes to a site hosted on a dynamic DNS service, while the second redirect redirects the user to an anonymous domain masquerading that was recently registered as a landing page. on Twitter. Both on the domain and on the landing page is the Twitter brand name. Of course, if the recipient feeds, the Twitter credentials will be in the hands of the attackers who will use them to destroy the person's account.

READ  This is what happens to your body if you die in space

This type of attack is designed to succeed on a few levels. First, the security alert tries to convince the recipient that there has been malicious activity on their Twitter account. The gambling attackers have a sense of fear to motivate the user to quick action. Second, the link is hidden by text, so the recipient is more likely to click without realizing that it takes them to a phony login page.

Third, there is a section on the e-mail called "How do I know if an e-mail is from Twitter?" Fourth, both a fake email and a landing page look like they came from Twitter with the familiar brand name and logo. Finally, the attack is heavily targeted. Unregulated Security found that it had been hacked against a specific individual, thus avoiding a large or large phishing campaign that could be blocked by a security gateway.


    See also

    Related Posts

    Deja una respuesta

    Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *


    We use cookies to ensure that we give the best user experience on our website. If you continue to use this site we will assume that you agree. More information