Twitter Fake Brand Trick: How Not to Fall for It
Under the guise of brand representatives, scammers on Twitter lure people to phishing sites.
What is phishing and how can you prevent it? Read more here.
As the well-known New Yorker cartoon goes, “On the Internet, nobody knows you’re a dog.” Unfortunately, scammers who live on Twitter are guided by this idea and often deceive users by posing as support specialists for a brand and luring financial information from the victims.
How can you distinguish a fake and not get caught in this scam? Today we’ll talk about this in more detail.
Twitter is not a safe and secure place on the internet. Find out more here.
How do attackers deceive Twitter users?
One of the easiest ways to communicate directly with a company is to write posts on social networks and mention them in it. Most often, “Twitter” is used for this because it has a simple, small format. In addition, almost every company has its own account here, so there is a high chance that an official representative will notice the mention and respond to the post: they may give advice themselves or redirect your question to support specialists.
There’s just one problem – it’s not always clear that the person who answered you is really an official representative of the brand. Let’s be honest: many people don’t pay close attention to who they communicate with on social networks if it is not someone from among their friends. People are more focused on what they write than who they are. Of course, the attackers have not failed to take advantage of this and have learned to impersonate official brands to deceive people.
The scheme looks something like this:
The user posts his complaint on Twitter, waiting for a response from the company. Scammers, pretending to be the mentioned company, respond to the post and begin to bring the user to the dialogue in one of the following ways:
- 1. Scammers try to move the conversation into private messages, then try to extract personal information from the user.
- 2. Scammers try to persuade the user to contact them directly on some third-party platform, where they will use the same techniques but without fear of the consequences of violating the rules of Twitter.
- 3. Scammers pretend to be random people trying to help. They can write that the company in question rarely responds on Twitter, but allegedly there is a form that you need to fill out to contact the support service. This form contains mandatory fields for entering confidential information. Filling out this form, of course, gets you no technical support.
Most of all, scammers like to hunt for users of services related to cryptocurrency, since, on the one hand, this area is still in a certain “gray zone” of legislation, and on the other hand, the money amounts are very large there. But they do not ignore other industries either.
How not to fall for the tricks of fake support on Twitter
We’ve collected some tips for those who use social networks to communicate directly with brands.
- 1. Make sure that the brand name is spelled correctly.
Does this account really belong to the company you want to communicate with? As a rule, brands do not like impostors and report violators on Twitter. In addition, official support representatives will not respond to you from their personal pages.
Don’t just look at the nickname — be sure to check the username. In many scams, including in the case of crypto fraud allegedly on behalf of Elon Musk, the scammers used the same nickname (Elon Musk), but clearly a fake Twitter username.
- 2. Check for the verified account icon.
Usually, the official accounts of large companies have a verified account icon next to the name. Of course, if there is no such icon, it does not necessarily mean that you are facing scammers, but in this case you should at least be more careful and check the account for other suspicious signs.
If there is no icon, you can check what the username of the official representative of the brand in this social network should look like on the contact information page on the company’s website.
- 3. Do not share personal information in private messages.
This is especially true for data that gives access to your accounts (both on Twitter and on the service referred to in the correspondence). It’s not scary to tell someone your username, but you definitely don’t need to tell passwords or answers to the questions to restore it.
- 4. Do not fill out any forms on any sites other than the official website of the brand.
Brands do not use Google Forms and other similar services to solve support tasks.
- 5. Install a reliable security solution that can detect phishing.
Even if it does not allow you to distinguish a fraudulent account from a real brand on Twitter, it will warn you about an attempt to direct you to a phishing site; that is, it will protect you and your data.
Don’t forget about online protection as well. You can find more security tips here.