Do you know what phishing tactics to look out for?
Social media is a common conduit for phishing scams, but Twitter’s new verification policies have triggered an unprecedented spike in impersonators on the platform. Digital Agent is urging its clients and followers to exercise caution before clicking any links on Twitter while its verification policies are in flux. For a brief period this week, any account could pay to receive a “verification” badge, which used to indicate that an account holder’s identity had been thoroughly vetted. This new verification badge, which looked the same as the old badge, indicated that the user may have only paid for a premium version of Twitter known as “Twitter Blue” and had not actually had their identity verified by Twitter. This caused understandable confusion among users and was quickly abused by scammers.
We have seen impersonators tweeting from these new “verified” accounts, including fake versions of major companies like Nintendo, celebrities, elected officials, and even Twitter’s official accounts. Many of these fake “verified” tweets contain memes or profane content designed to mock and disrepute the organization or individual that is being impersonated. However, these seemingly “verified” tweets can also include malicious links that could compromise your personal and company security if clicked.
In addition to avoiding these links, we encourage organizations to monitor Twitter for potential impersonators of their own accounts, and to enable multi-factor authentication (MFA) on their official accounts. While it is difficult to say for sure what is happening at Twitter internally, there have been reports that its chief information security, privacy, and compliance officers have resigned. If true, this would make the site an ideal target for cybercriminals and may suggest that Twitter users’ data is not being handled in compliance with federal regulations.
Digital Agent’s official Twitter account can be found here. If you have any questions or would like further information on how to avoid phishing scams, do not hesitate to contact your Digital Agent. We regularly publish information on phishing and cybersecurity trends here, on our blog.
Remember, think before you click.
Digital Agent combines the latest technical innovations with old-fashioned service values. Modeled like a family-run business with a commitment to customer care, personalized service and attention to detail.