Twitter scammers try phishing via DMs

by Leigh :) Stark
December 8, 2021

Not every message dropped into your Twitter account is the real deal. Some are trying to phish for your details and break into your account.

Something a little bit different could be hitting the inbox of your social media account this week, as scammers try an old tactic in a slightly new way, phishing for logins and details on a social network they have zero control over.

It’s something we saw this week in Pickr’s editor’s own inbox, as scammers attempted to portray themselves as one of Twitter’s support teams, when the reality is they’re anything but.

Arriving from the account “Feedback Team”, it’s a group trying to be seen as Twitter’s Support team, and its 170K followers suggest at least some people have fallen for the trick.

Reading the direct message sent by the scammers might explain why.

As a Twitter support team, we have received copyright complaints about some of the tweets you share on your account. We would like to inform you that if you do not provide feedback by following the link below, your account will be permanently suspended and your account will not be reopened unless the copyright holder withdraws this request.

But then there’s the link, and like all scams, it’s the first giveaway that something is wrong.

Always look at the website behind a link

While an untrained eye may not pick up that this message was a scam, the link is the obvious giveaway, because much like how scammers can’t use a real company’s email in their scams, they also can’t host these scams on the real website. Often, they’ll try to use a similar domain that’s just different enough to make you think it’s the real deal, such as an extra letter the brain may disregard.

In this scam, the link to the so-called support item was clearly not on Twitter’s website, but rather “sites.google.com”, which may be on Google, but it’s free website space for people with a Google account. Think of it as space anyone can use, not an official Google site. Also, Twitter isn’t made or owned by Google, so part of this ruse is defeated when you realise that.
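The same check can be written as a short script that looks only at the host behind a link. This is an added example, not part of the original article; the official-domain list, the free-hosting list and the sample URLs in the usage are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumptions for this sketch: the brand a message claims to come from, the
# domain that brand really uses, and free hosting where anyone can publish.
BRAND = "twitter"
OFFICIAL_DOMAINS = {"twitter.com"}
FREE_HOSTING = {"sites.google.com"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot near-miss spellings of a domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def on_domain(host: str, domains: set) -> bool:
    """True if host is one of the domains or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)


def classify_link(url: str) -> str:
    """Return 'official', 'free-hosting', 'lookalike' or 'unrelated'."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if on_domain(host, OFFICIAL_DOMAINS):
        return "official"
    if on_domain(host, FREE_HOSTING):
        return "free-hosting"
    # Naive registrable part: the last two labels of the host name.
    tail = ".".join(host.split(".")[-2:])
    near_miss = any(edit_distance(tail, d) <= 2 for d in OFFICIAL_DOMAINS)
    if near_miss or BRAND in host:
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    # Constructed sample links, not taken from the scam message itself.
    for link in ("https://twitter.com/settings",
                 "https://sites.google.com/view/constructed-example",
                 "https://twiitter.com/login"):
        print(link, "->", classify_link(link))
```

Anything other than "official" in a message claiming to come from Twitter support is a reason not to enter a password.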

For this scammer, the attempt appeared as a fairly basic phishing account, complete with the typical assortment of poor English we’re used to seeing from scammers.

“As an Twitter Team, we play close attention to the Community rules”, read one part of the page. “Login in your account,” read another. “Please write your Username and Password and click “Confirm Account” and fill the next form.”

Yep, the language is poor, and clearly not Twitter, but with over 170,000 followers, you have to wonder how many people have fallen for the trick.


Scams in your social aren’t new

The problem is that scammers reaching you through your social media accounts isn’t new, and the approach actually has a name: “social engineering”. The idea behind this ploy is to trick you into thinking the messaging is legit, often by pretending to be a large organisation (such as Twitter), or by creating a similar account to a real friend and using that seed to convince you of their legitimacy.

To beat these sorts of scams (and pretty much any other scam), pay close attention to the details of a message — of any message — and make sure you don’t just hand over details without thinking.

Phishing scams often work because we don’t question why the information being requested is needed.

With Twitter, the scam attempt is asking for your username and password, but Twitter’s support team doesn’t need your password to act on something like this if it were real. If it was, in fact, a real issue, Twitter would just tell you, rather than have you log in, as you’re already a part of its system.

These sorts of scams aren’t new, however, and Twitter has been dealing with them over email in the past. However, it seems as though your Twitter direct message inbox is a new battleground, and one you’d do well to stay aware of.

Leigh :) Stark

One of Australia's well regarded technology journalists working out of Sydney, Leigh Stark has been writing about technology for over 15 years, covering phones, computers, cameras, headphones, speakers, and more. Stylising his middle initial with an emoticon, he aims to present tech in a way that makes it easy for everyone. You can find him on Twitter and Facebook where he's typically talking tech, and can tune into what he's listening as he writes via Apple Music. While he founded Pickr in 2016, Stark's work can be seen in other publications including The Australian Financial Review, Popular Science, and many more. His award-winning podcast "The Wrap" is syndicated on Southern Cross Austereo's LiSTNR network weekly, while he can be heard on radio via ABC Brisbane and ABC Canberra, and seen on TV's Nine. Check out Leigh Stark's most recent media appearances.

© 2016 to 2022 Publishr Pty Ltd: ACN 624 227 256
All rights reserved.
