Cybercriminals exploit the chaos on Twitter to launch ‘phishing’ campaigns | technology
Since Elon Musk closed the Twitter acquisition at the end of October, there have been cybersecurity issues related to the platform. blue twitter, Paid subscription service Launched earlier this month in the US, Canada, Australia and New Zealand through which the entrepreneur intends to provide the blue badge to verified accounts without actually verifying the identity of the user, as was the case until now, it is no longer available in the face of a wave of scammers. and identity theft.
However, this wasn’t the only chaos that arose as a result of the new leadership at the company; According to cybersecurity firm Proofpoint, since making the acquisition, its researchers have noticed a “significant increase in phishing related to this social network. Specifically, cybercriminals are using account verification and the new Twitter Blue product as lures to steal Twitter credentials.”
Of course, these attacks are not aimed at general users, but they are “usually directed at public figures or those associated with the media, including journalists, who may have verified accounts.” As the company points out, the email address is sometimes available in the Twitter bio or matches the username, “so it’s easier for scammers to access.”
However, as in any possible case of phishingCaution is advised: “The subject lines of these emails usually refer to the new premium subscription payment introduced by Musk and in the content there are usually Google forms to collect data and URLs that direct to websites run by cybercriminals.”
In other cases of fraudulent campaigns, Twitter has recommended that accounts be consulted @employee s @employee (Although it has not been published again since Musk’s arrival), the articles Help Center (where there are spaces covered How to identify fake emails and tips for improving account security) f Articles.
It is important not to download any attachments, click links, or share login information outside of official Twitter forms.
Proofpoint insists on the risk that the abused profiles are of private public relevance: “These hacked accounts are then used to spread false information, incite other users to interact with malicious content and deception, or to promote further campaigns phishing“.
“It is not surprising that activity has increased in recent weeks. It is very common for cybercriminals to use news or relevant topics to get their target interested and thus increase the likelihood that they will interact with email content,” explains Proofpoint Vice President of Research and Threat Detection Sherrod DeGreppeau.
You can follow country technology in Facebook s Twitter Or sign up here to receive The weekly newsletter.
