This past July, Twitter fell victim to an infamous social engineering attack. The attack gave hackers control of over one hundred high-profile accounts - from politicians to celebrities. The hackers used these accounts to scam Twitter followers out of money. Now, cybercriminals are using this event as bait for a convincing phishing scam.
The phishing email uses text that is very similar to the official statement that Twitter made in response to the July attack. The email claims that due to a security breach, you must confirm your identity by clicking on a link in the email. If you click the link, you are redirected to a site that looks very similar to the real Twitter login page. The site is actually a look-alike designed to steal your login credentials. Any information that you enter on this page is delivered straight to the bad guys.
Don’t be fooled! Follow these tips:
It was the early morning hours when the phone rang. A fire had broken out in the building where we had our business. We threw on our coats and raced to the location. All I saw were flames and smoke as the firefighters worked to gain control of the blaze. It wasn't a surprise when I was informed the structure was a total loss - and everything in it. Where do we go from here?
There’s a phishing attack out there that is stealthy and not easily detected until the damage is done. It’s called Vendor Email Compromise, and it’s worth billions worldwide.