A UK-based cybersecurity vendor has detailed how it turned the tables on an angler phishing operation posing as Virgin Media support on Twitter.
This particular type of phishing attack is a relatively new tactic. The scammer registers fake Twitter accounts that masquerade as legitimate customer support, then monitors the real support accounts for irate customer messages.
The scammer then jumps in quickly, exploiting the customer’s frustration and the immediacy of Twitter, and sends messages back to those customers, typically loaded with malicious links.
This is what happened to a member of the team at pen-testing firm Fidus Information Security when they complained to Virgin Media via Twitter.
After receiving replies from both the official account and a legitimate-looking fake, they decided to have some fun.