A compelling Twitter scam targets bank customers by abusing the tweet quoting feature, as observed by BleepingComputer.
What makes this scam stand out is that it preys on customers who tweet to their banks, for example, to file a complaint or request assistance. But these customers instead receive a response from the scammer, via a quote tweet, enticing them to call the scammer’s “helpline” number.
The scam’s simplicity and focused targeting make it compelling to unsuspecting users.
Fake Twitter bank accounts that attract customers
Users who tag their banks’ Twitter accounts in their tweets; For example, when making complaints about a problem, they should be on the lookout for responses from unverified Twitter accounts that may be impersonating bank support staff and instead being a scam.
Also, what makes this scam particularly interesting is the fact that genuine companies sometimes choose to respond via a separate Twitter account, different from their corporate (verified) account, for tweets that are similar to support requests. .
Earlier this week, he had tagged Axis Bank, India’s third-largest private bank, in a cheep but interestingly, he received a response as a ‘quote tweet’ from an account claiming to be Axis Bank:
While the lack of followers on the @AXIS_BANK_00 account (and, not to mention, the verification badge) raised red flags, it wouldn’t be the first time a company has responded from a separate Twitter account instead of the verified account. for example, to minimize the amplification of your customer complaints sent as Tweets.
Instead of using obvious phishing links, this scam uses templated text that urges users to call a “help line” number.
An Axis Bank official chimed in shortly from the company’s legitimate Twitter account:
Hello, we have noticed a post made to you by someone claiming to represent Axis Bank. The answer has NOT been published by our official representatives. We would ask you to immediately stop any interaction with the other profile and not share any information with (1/3)
— Axis Bank Support (@AxisBankSupport) March 13, 2023
The illicit Twitter account, AXIS_BANK_00 it has since been suspended.
However, in analyzing this case, we found that the same phone number, 89618-44737, had been mentioned in tweets targeting clients of other leading Indian banks, including HDFC and ICICI.
One such account we found was called @HDFC_Bank_08:
While the target of ICICI Bank customers was named @ICICI_Bank_7:
Simply suspending these accounts may not be enough and may result in a mole hit situation. The enumeration at the end of these Twitter handles (ie Axis_Bank_0, 1, 2, 3….) suggests that the scammers are simply recreating these accounts with variations of the handle and naming these accounts using terms, for example, “( Bank name) cares” to appear to be the bank’s Twitter support channel.
This scam also comes at a time when Musk’s acquisition of Twitter and a total revamp of the platform verification policies It may already be causing confusion.
For example, previously verified ‘legacy’ blue badge accounts may be phased out in favor of Twitter’s blue (paid) verification program. So there is a totally new color code introducing a ‘grey’ check mark for the Twitter accounts of government officials and ‘gold’ for businesses.
Another issue is, what happens to the legitimate Twitter accounts of banks and financial institutions that continue to have legacy verification badges, once they are removed? These accounts can become more susceptible to phishing by scammers.
Not all Twitter accounts belonging to a prominent entity are treated equally.
Both from Comcast @Xfinity and @SupportXfinity the handles, for example, bear a ‘gold’ insignia certifying their authenticity. But other accounts associated with the company, such as @NASCAR_Xfinitythey still retain the older blue badge which, once removed, makes things cloudy for the consumer.
When you’re on Twitter, watch out for red flags in replies, direct messages, and quote Tweets directed at you, even if your timing is impeccable and they appear benign at first glance.
