Hackers are using a previously landed cyberattack on Twitter to launch phishing scams.
Twitter has been under the hacker limelight for a long time now. There has been various instance reported about Twitter accounts being hacked. Accounts of various celebrities and famous personalities have been hacked several times by hackers for gaining benefits.
Researchers have recently revealed that hackers are now using the text from Twitter’s response to generate a credential stealing phishing scam. The screenshot of this latest phishing scam is attached below:
If the targeted user clicks on the “Confirm your Identity” button, the page is redirected to a Twitter look-alike, malicious and hackers controlled page. This page then demands the login credentials of the user which when provided is saved and forwarded to the hacker.
A 3rd party service named SendGrid was used instead of attacker owned servers making it much easier to execute such an attack. This is because not only does SendGrid’s reputation allow such emails to be more evasive of spam filters but it also has in-built features that allow one to “obfuscate links” and see detailed analytics of how their phishing emails in this case are performing.
This phishing attack has no involvement of Twitter but the main culprit can be the SendGrid services. SendGrid can be hold responsible for providing the services to hackers which are making their work easy which allows them to target people.
NPAV recommends users to never trust these emails and refrain from providing your credentials though such links. Use NPAV and join us on a mission to secure the cyber world.