Using copyright violation threats or the lure of obtaining a blue checkmark to verify your account, the latest scams easily trick victims out of their social media credentials.
For anyone that is (or thinks they are) a social media “influencer”, there are no greater messages that will stir up emotions to get a response than a potential suspension on one end of the spectrum, and verification on the other. That’s what scammers are betting on in the latest phishing scams targeting users of TikTok, Instagram, and Twitter.
Using realistic-looking emails and landing pages (as shown below), the scammers convincingly take the victim for their credentials, and other details.
These information stolen can be sold on the dark web, used to further scam other initiatives (case in point, recent cryptocurrency scams on Twitter) by impersonating the victim.
While this feels like a scam that doesn’t impact organizations, identity theft – even on social media – can find its way into the organization through use of company devices for personal use. Organizations should make users aware of these kinds of scams to help both the employee and the organization stay safe.