A new Twitter phishing campaign is targeting users looking for customer support online.
A new social media phishing scam campaign has broken out over Twitter targeting all major UK banks and their customers. The hackers create fake Twitter accounts, posing as customer support staff, in efforts to deceive customers into giving over personal and financial details.
Mark James, ESET IT Security Specialist, looks into how and why these phishing scams are successful for hackers, and how to protect yourself.
“Cyber criminals often come up with new and different ways to trick the unsuspecting user into releasing their private information, as trends move this way and that, they will adapt to catch you out.
“The easiest victim is the one expecting to receive a response: if you target someone out of the blue the chances are it will be unsuccessful, if you are able to respond to someone’s cry for help you are already more than halfway there.
“Voicing your concerns publicly via social media is increasing more and more, as it brings almost instant awareness to people’s concerns.
“Companies want to move it away from being public as soon as possible to contain the PR repercussions, but the downside is that the user is already expecting a response.
“Once they get that the thought of it being fake is often far from their minds, we expect some kind of security procedures to be executed so again we are playing right into their hands.
“We need to understand that these days sadly not everyone on the internet is who they say they are.
“Take some time to research the official response channels, make sure you know who is going to respond and be very wary of any deviations in names or errors in grammar.
“It only takes a few minutes to be the victim of fraud or identify theft and it cannot be undone, of course you can cancel cards and change passwords but it’s the inconvenience that causes the most damage in these cases.
“Don’t be afraid to ask questions, get some information from them if you’re concerned, and go check it out, then come back after you have verified it’s true.
“15 or 30 minutes won’t make a lot of difference and if they are genuine they will understand and often encourage it.”
Do you use social media to lodge your complaints with companies or organisations? Do they generally respond? Let us know on Twitter @ESETUK
Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.