Twitter Scammers Pose As Large Companies to Scam Unsuspecting Users

Social media has made it easier for customers to complain to large companies. Many companies now have dedicated social media accounts for this purpose. However, some complaint scammers are now attempting to jump in on these accounts to get personal information.

Scam Attempt

Last week, a complaint scammer tried to insert themselves into a complaint against ISP Virgin Media. The scammer pretended to be from Virgin Media and sent a direct message to the originator.

The scammer didn’t realise that the originator of the Tweet was the director of a UK-based cybersecurity company, Findus Information Security.

Director Andrew Mabbitt later wrote: “Yesterday whilst complaining to Virgin Media about my broken internet I encountered a very interesting scam attempt. Within minutes of posting a complaint I got two replies; one from Virgin Media themselves in a public message and another from somebody purporting to be from Virgin Media in my DM’s.”

Spotting the Inconsistency

Mabbitt realised that the complaint scammer was watching for keywords, and sending a reply while the customer was still upset and not on their guard.

The account was @virginscmedia which was a big warning. Further issues were that it was created in January 2019, had no followers, and no-one was following it.

Testing the Scam

Mabbitt tried to test the scammer by giving his name as Wade Wilson (the name of comic Superhero Deadpool). He also gave his address as the London Metropolitan Police.

The scammer didn’t realise the test and proceeded to ask for Mabbitt’s card number and expiry date for security purposes. Mabbitt gave the scammer test details provided by PayPal. He also set up a link for the scammer to click on to capture his IP address.

Catching the Scammer

There then followed back and forth exchanges as Mabbitt tried to coax the scammer to click the link. The scammer refused, so Mabbitt set up a fake Error 522 SMS message and the scammer swallowed the bait.

After sending the message, there was a hit on the web server. Mabbitt reported this to Twitter who suspended the account. He also told the UK police in the hope that action can be taken against those responsible.

Related posts

ZenHammer Memory Attack Exploits Rowhammer Against AMD CPUs

Sign1 Malware Targeted Over 2500 WordPress Sites In Recent Campaign

Unsaflok Flaws Allow Unlocking Saflok Door Locks With Forged Cards