Phishers now use Twitter to craft clickbait attacks

If you’re active on Twitter (and even if you aren’t), phishers may have your number.

The latest method for successful spearphishing attacks, according to New Scientist, relies on information and habits gleaned from a target’s Twitter account.

The attackers examine accounts to look for a high-profile target: someone with lots of followers, a frequent Tweeter, etc.

They then use programs to find out even more about the target, for instance the types of articles they’re likely to like or information they may be retweeting and times they’re most likely to be active on Twitter. Then, the programs craft a message that’s likely to intrigue them or get them to click.

Highly effective

According to the New Scientist report, this can be surprisingly effective.

Researchers were able to convince more than two-thirds of their 90 targets to click on a link. Even using the tech-savvy hashtag #infosec was able to ensnare would-be victims.

The best bet: Think carefully before you click on any link, be it social media, email or any other vector.

Although that won’t stop a determined hacker, it’s a good first step. Other good steps to take include keeping operating systems – mobile or otherwise – up to date and patch other software as it becomes available.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy