Ever since Twitter has been acquired by Elon Musk, it has been in the news for all the wrong reasons. Then may it be for the layoffs, Musk’s heated discussions with employees on Twitter, or the charges the new owner plans to incur on the verified accounts. But Elon Musk’s decision to charge for the blue tick has opened a floodgate of opportunities for miscreants.
According to Bleeping Computer, the phishing emails sent to the verified accounts, “were originating from servers of hacked websites and blogs that may be, for example, hosting dated WordPress versions or running unpatched, vulnerable plugins. Clicking on the link takes the user to the phishing webpage where threat actors misuse the $8 monthly fee announcement from Musk’s tweets.” The publication in its article further said that, “the phishing workflow collects user’s Twitter username, password, and proceeds to sending them a two-factor authentication code via SMS.”
As we speak about the verified accounts, it’s important to know who these individuals are and why they are on the list of hackers.
To put it into simple words, influencers get the blue tick on Twitter. Now, common people who become social media influencers also apply for a verification badge but prior to that people or businesses who have done remarkable work in their respective fields and have a massive public following like journalists, politicians, actors, brands, and other public figures.
HOW DOES PHISHING BUSINESS BENEFITS FROM TARGETING TWITTER VERIFIED ACCOUNTS
One of the simplest ways to explain this business model is that the targeted individual’s personal information or brands’ sensitive business information like credit card details, bank account details, identity proof, or username and passwords of emails or banking and payment apps are hacked to use this information to withdraw money from your account.
In some cases, like in Twitter’s case where a fake twin webpage is designed to trick users into believing that they are paying Twitter to retain their account, the money may also be directly credited to the hacker’s account.
Though mostly, the intention is to loot the victim, your accounts can also be misused for dangerous purposes like carry out a terrorist activity by stealing your identity. One has to be more careful if he/she is a politician or a celebrity. Just imagine this scenario, you are a politician who has been approached by the opposition party to join them. You have rejected the offer. It’s already in the news but the hacker sends out an email to the opposition party which says that you have accepted the proposal and then, this is circulated in the media. Proving otherwise is never a cakewalk and hence, this can cost you your career.
HOW DOES INDIVIDUAL TARGETING AFFECT THE ENTIRE ORGANIZATION?
This is what we should worry about. Most of the time, individuals are targeted with the intention to target the entire organization. In Twitter’s case, let’s assume that you are running a digital marketing agency or a celebrity management company where your employees handle social media for celebrities. In such cases, chances are high that such malicious links will be opened on a system that will put your whole organization at risk.
This is true to other businesses as well. It doesn’t have to be related to Twitter. Even if you are a payment gateway company, a banking institution, or an IT firm, the cyber criminal might find other ways to slip a malicious link into your email. For example, the threat actor might send an email to your employee which looks like communication from the HR or the CEO. In such cases, links are clicked without a second thought.
In Twitter’s case, the hackers are replicating a webpage. An employee or a verified user will get time to think as they might not want to take any action immediately. But most of the enterprises are just a click away from being hacked. An employee clicks on a link and the malware gets downloaded on the system without being redirected to a webpage that requests further action from the user. It’s as simple as that!
Now, the crucial question you must ask here is –
HOW TO STOP EMAIL PHISHING ATTACKS?
Unfortunately, you cannot completely stop such attacks. But yes, there are steps that employees can follow as a precautionary measure. This is applicable to everyone, the employees who are handling Twitter verified badge users’ accounts, verified users themselves, and also, individuals like CEOs who are at high risk of being targeted.
- If you ever get an email where you are asked to click on a link which looks genuine, don’t click on it before verifying the sender or the link’s destination address.
- Don’t provide your sensitive information to any unverified source
- When it comes to software and apps, make sure you install every latest update and security patch
- If you, accidentally, end up clicking on a link and land on a page that asks for information like credit card and bank details, do not give it.
- Maintain cyber hygiene.
- Change your passwords regularly.
Another precautionary measure is to “Train and Educate your Employees” about how cyber criminals target individuals and organizations where they can learn about types of cyber attacks and how to recognise phishing links.
If you are worried about how to implement this, do not worry. With ProPHISH, we help you to identify, train and then assess the employees who are susceptible to targeted phishing attacks. Hence, strengthening the weakest link in your organization.
Get to know the product better, understand its features, and also know what other enterprises say about ProPhish by checking out our product page here.