Blog

When Tweets & Phishing Collide

posted by: FraudWatch International date: Aug 05, 2015 category: All, Phishing, Social Media comments: Comments Off on When Tweets & Phishing Collide

Many organisations think of social media abuse as a non-financial issue, however, as this article will demonstrate, it is just as important as any Anti-Phishing service a business may employ.

Consider this; a cyber-criminal creates a fake Twitter profile using your exact business name and company logo. All they change is perhaps the handle (Twitter username) for the account, which is unlikely to be noticed by any of your customers. Then, the criminal monitors your business’ Twitter feed and jumps in ahead of your staff, to answer customer queries, giving out potentially false or malicious information. Or maybe the criminals simply target followers of your Twitter feed, to request information from them. This could have a huge financial impact on your business and your customers.

A fake Twitter account can be set up in a matter of seconds and it is extremely difficult for customers to tell the difference between your legitimate account and an imitation one. Bad grammar can be a tell-tale sign of a fake Twitter response, but realistically, the only way a customer would detect an issue, is if they were to go to your website and compare your Twitter username with the one on the fake Twitter feed. Most customers will not do this due diligence and therefore, could unknowingly become a victim of cyber-crime. Once the criminals have the customers hooked, they may damage your brand by being rude to customers, or they may even carry out phishing attacks using the fake Twitter account (by sending malicious files or links to customers, telling them to download forms to fill in).

As a business, you need to protect your customers by being proactive with the monitoring of your Social Media accounts. You may have a Social Media team, who can watch the comments being made on your profile pages and pick up on anything strange (this is called “Sentiment Monitoring”). You may also choose to engage an Internet Security company, like FraudWatch International, who can monitor any new accounts that are created using your business name, and investigate as to whether they are legitimate or not. Illegitimate accounts will be taken down.

Social Media services need to go hand in hand with Anti-Phishing services, so that not only can the fake Twitter account be removed, but any malicious web site that is being promoted can be taken down as well.

Comments are closed.