AskCyberSecurity.com

Cyber Security News & Information

Fake Twitter Notifications Used in Targeted Phishing Attack

2020-07-02 by Michelle Dvorak

Fake Security Notifications Impersonate Twitter in Attempt to Steal Login Credentials

Threat actors are using fake Twitter security notifications in an attempt to steal login credentials. The attack is targeted and focused on highly valuable Twitter accounts. The phishing emails contain links designed to steal user login credentials, says a report by cyber security researchers at Abnormal Security.

This phishing email masquerades as an automated security notification from Twitter. It instills a sense of urgency in the target, making them think their account is in jeopardy. They are convinced they must act immediately (without thinking) to protect account security. The phishing email contains a credential phishing link that redirects the user twice – eventually to a fake Twitter branded web page. The email body even has a section giving advice on how to tell if a notification is authentic.

Typically, threat actors try to disguise malicious emails with messaging and logos taken from the real sites they are trying to impersonate. Often it can be very difficult to tell an authentic security notification from a fake version. Links in phishing emails are usually disguised with link shorteners to hide the true destination web page from the reader. Link shorteners can also help a phishing email get past spam filters.

Phishing for corporate social media accounts is up 60 percent in the past two months. Instagram, Facebook, and Twitter have all been used to target corporate social media accounts that are valuable to brands and businesses. One way to help detect a phishing email is to look very, very closely at the sender’s email address. It may be sent from an address that uses a domain name that is incredibly close to that of a real website or social media channel. Sometimes it is very difficult to see minor differences in email sender names. For example, in a previous attack the letter “i” in Twitter was replaced with a lower-case “L” in a domain name so the hacker could send emails using the address of “Twltter” rather than the legitimate “Twitter”.
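The sender-address check described above can be automated. The following Python code is an added example, not code from Abnormal Security or from this site; the brand table, the small confusable-character map and the two-label domain heuristic are assumptions, and the sample headers are constructed.

```python
from email.utils import parseaddr

BRANDS = {"twitter": "twitter.com"}  # assumption: brand name -> legitimate domain
# Assumption: a small confusable map; production lists are much larger.
CONFUSABLE = str.maketrans({"l": "i", "1": "i", "0": "o", "5": "s"})

def edit_distance(a, b):
    """Levenshtein distance using a single rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def registrable(host):
    # Assumption: the last two labels approximate the registrable domain
    # (no public-suffix list is consulted here).
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_sender(from_header):
    """Return (verdict, detail) for the value of a From: header."""
    display, addr = parseaddr(from_header)
    domain = registrable(addr.rpartition("@")[2])
    for name, legit in BRANDS.items():
        if domain == legit:
            return "ok", f"{domain} is the real {name} domain"
        # Same string after folding confusables, or one edit away: look-alike.
        if (domain.translate(CONFUSABLE) == legit.translate(CONFUSABLE)
                or edit_distance(domain, legit) <= 1):
            return "lookalike", f"{domain} imitates {legit}"
        # Display name claims the brand but the domain is unrelated.
        if name in display.lower():
            return "display-name", f"'{display}' sent from unrelated {domain}"
    return "unknown", domain

# Constructed sample headers, not taken from the reported campaign.
SAMPLES = [
    "Twitter <verify@twitter.com>",
    "Twitter <verify@twltter.com>",
    "Twitter Security <alerts@mail.example.net>",
    "Newsletter <news@example.org>",
]
RESULTS = [check_sender(h)[0] for h in SAMPLES]
```

The From: header alone can be forged, so a mail gateway would combine a check like this with SPF, DKIM and DMARC results rather than rely on it by itself.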

“This attack is highly sophisticated and unique as it targets a specific individual in this organization. This type of attack has not been seen anywhere else, and the domain of the payload link was not flagged as malicious by many search engines,” says Abnormal Security.

In this cyber attack, hackers send the recipient a phishing email warning the target that there was an unauthorized login to their Twitter account. The messaging in the email tells the recipient they must click on the link in the email to log in and protect their account. Links in phishing emails, malicious web pages, and on social media can be hidden in a number of ways. Images, URLs, and text can all be used to disguise harmful links.

This phishing email is especially crafty because the link is disguised with text and redirects the reader twice. The body of the email is audacious enough to advise the reader on how to detect a fake email. It was also targeted at a specific individual.
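A mail filter can catch links disguised with text by comparing what each link displays with where it actually points. The following Python code is an added example, not code from Abnormal Security or from this site; the shortener list, the two-label domain heuristic and the `short.example` host are assumptions, and the email body is constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

HOST_RE = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.I)
# Assumption: a short list of shortener hosts; real deployments keep longer ones.
SHORTENERS = {"bit.ly", "tinyurl.com", "short.example"}

def registrable(host):
    # Assumption: the last two labels approximate the registrable domain.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class Anchors(HTMLParser):
    """Collect (href, visible text) for each <a href=...> element."""
    def __init__(self):
        super().__init__()
        self.links, self.href, self.text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href"), ""
    def handle_data(self, data):
        self.text += data
    def handle_endtag(self, tag):
        if tag == "a" and self.href:
            self.links.append((self.href, self.text.strip()))
            self.href = None

def audit_links(html):
    """Flag anchors whose visible text names a different site than the href."""
    parser = Anchors()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        target = (urlsplit(href).hostname or "").lower()
        shown = HOST_RE.search(text)
        if shown and registrable(shown.group(1)) != registrable(target):
            findings.append(("text-mismatch", shown.group(1).lower(), target))
        elif target in SHORTENERS:
            findings.append(("shortener", text, target))
    return findings

# Constructed email body, not the message from the report.
BODY = """
<p>New login detected. <a href="https://short.example/a1">https://twitter.com/account/secure</a></p>
<p><a href="https://help.twitter.com/">help.twitter.com</a></p>
<p><a href="https://bit.ly/3xyz">Secure my account</a></p>
"""
```

This static check sees only the first hop; the later redirects the article mentions become visible only when the link is followed in an isolated analysis environment.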

“By impersonating a security notification email, the attacker gains a sense of credibility to the user because, by notifying the recipient of a case of a “bad” login, the recipient believes the email to be “good”. The section of the email “How do I know an email is from Twitter?” is crafted by the attacker in an attempt to legitimize this attack to further fool the target,” says Abnormal Security.

Like many malicious websites and spoof web pages, the notification emails use Twitter branding to trick the recipient into thinking the email is legitimate. Read our guide on how to spot a phishing email.

About Michelle Dvorak

Michelle writes about cyber security and data privacy, focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers.

