Today cybersecurity researchers have published a detailed way about how can you scam the scammers that are running phishing operation in which they pretend to be Virgin Media support on Twitter.
Same cybersecurity researchers are saying that this particular type of phishing cyber attack is relatively new on the cyberspace.
It starts with a scammer registering multiple fake Twitter accounts that are used to impersonate legitimate customer support. Then the scammer starts monitoring the real support accounts for irate customer messages.
When bad customer messages arrive, a fake Twitter account quickly starts to exploit the customer’s frustration by sending messages back to them, which are typically loaded with malicious links.
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
Sadly and happily at the same time, this is what happened to a member of the cyber security team when he complained to Virgin Media via Twitter.
Immediately after receiving replies from the official account and from the fake account he decided to trick the trickster.
At first, it was tested how gullible the scammers were by providing a fake name Wade Wilson, which for those who don’t know is a comic book character also known as Deadpool. Then when the scammer asks for an address it was given to him the address of a police station.
After getting the address without having any suspicion the scammers requested Wade Wilson’s credit card details that were linked to the official Virgin Media account. At this point, it was offered to scammers a set of test credit card details.
When the credit card authorization failed to work for scammers, they tried to convince the victim to provide the details of another card. The scammers were told that a new credit card details will be given shortly but at the same time, the cybersecurity researcher provided them a link with the intention of trying to trick them into clicking on it in order to expose their IP address.
To finish the scammer off the cybersecurity researcher faked a screenshot of an AmEx fraud alert SMS featuring its own phishing link requesting that the user click to verify their card details.
After sending a fake SMS message the researchers received a click on his web server. At this point, the researchers reported this all back to Twitter, that suspended the fake account, and also alerted the Police in the UK to find and apprehend those responsible for the cyber attack.
We would continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.