Evil brand twins on Twitter

How to protect your clients from cybercriminals impersonating your company on Twitter.

When having trouble with a product or service, where does the modern user turn? Most likely, social networks. Therefore, in addition to traditional technical support, many companies have a special team whose job it is to track public brand mentions (particularly on Twitter or Facebook). However, such mentions are of interest not only to the companies in question, but to scammers as well.

How cybercriminals attack social media users

This typical example comes from the Malware Hunter Team: Whenever someone asks popular cryptocurrency service Blockchain.com’s support team a question on Twitter, a set of bots appears in the comments and tries to slip a phishing link to the asker. Similarly, bots swoop in at the mention of TrustWallet support.

The pattern would seem clear, but of course, cryptocurrencies and e-wallets are far from scammers’ only area of interest. Cybercriminals can try to impersonate other companies’ support teams in the same way.

Why is Twitter fraud a problem for companies?

Of course you are not legally culpable if someone deceives people by hiding behind your name, but such incidents can still hit your reputation hard and result in lost clients (and thus lost profits). From clients’ and customers’ perspectives, they were the victims of your failure to help.

How to keep your clients out of harm’s way

First, you need to verify your Twitter account — get that check mark. It won’t stop evil Twitter twins, but it’s a start: Your users will be able to distinguish your verified account from any fakes. Getting verified can be notoriously difficult. Start with Twitter’s detailed guide on the topic.

At the same time, begin or continue monitoring mentions of your brand on social media, primarily Twitter. Some of the many tools for that are free, though they’re generally not that great. Others may require a monthly subscription but offer numerous additional analytics features for your money. This monitoring for brand mentions (so-called social listening) will enable you at least to respond promptly to user questions and, in most cases, detect the actions of scammers.
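As an added illustration (not code from the original article or from any monitoring product), the sketch below shows the kind of check a social-listening pipeline can run over replies to a customer's question: flag accounts whose handle or display name resembles the brand, that are not the official account, and that post links outside the company's own domains. The brand "examplepay", its handle, its domain and all sample replies are constructed, and the reply records are assumed to come from your monitoring tool with shortened links already expanded.

```python
import re
import unicodedata
from difflib import SequenceMatcher
from urllib.parse import urlparse

# Assumptions: hypothetical brand, official handle and official domain.
BRAND = "examplepay"
OFFICIAL_HANDLES = {"examplepay"}
OFFICIAL_DOMAINS = {"examplepay.example"}
URL_RE = re.compile(r"https?://\S+")

def normalize(name):
    """Lower-case, drop accents/non-ASCII, map digit look-alikes, keep letters only."""
    name = unicodedata.normalize("NFKD", name).encode("ascii", "ignore").decode().lower()
    return re.sub(r"[^a-z]", "", name.translate(str.maketrans("01345", "oieas")))

def brand_similarity(name):
    """Best match of BRAND against any brand-length window of the name (0.0 to 1.0)."""
    n, width = normalize(name), len(BRAND)
    windows = [n[i:i + width] for i in range(max(1, len(n) - width + 1))]
    return max(SequenceMatcher(None, BRAND, w).ratio() for w in windows)

def offsite_links(text):
    """Hosts linked in the text that are not an official domain or its subdomain."""
    hosts = [urlparse(u).hostname or "" for u in URL_RE.findall(text)]
    return [h for h in hosts
            if not any(h == d or h.endswith("." + d) for d in OFFICIAL_DOMAINS)]

def flag_impersonators(replies, threshold=0.8):
    """Return (handle, score, hosts) for brand look-alikes that post off-site links."""
    flagged = []
    for r in replies:
        if r["handle"].lower() in OFFICIAL_HANDLES:
            continue  # the real support account
        score = max(brand_similarity(r["handle"]), brand_similarity(r["name"]))
        hosts = offsite_links(r["text"])
        if score >= threshold and hosts:
            flagged.append((r["handle"], round(score, 2), hosts))
    return flagged

# Constructed sample replies to one customer question (not real accounts or URLs).
SAMPLE_REPLIES = [
    {"handle": "ExamplePay", "name": "ExamplePay", "text": "Sorry! See https://help.examplepay.example/reset"},
    {"handle": "ExamplePay_Help1", "name": "ExamplePay Support", "text": "Fill in https://examplepay-support.invalid/form"},
    {"handle": "Examp1ePay_desk", "name": "Support Desk", "text": "Contact us at https://wallet-fix.invalid"},
    {"handle": "jane_doe", "name": "Jane", "text": "Same problem here, see https://blog.invalid/post"},
]

if __name__ == "__main__":
    print(flag_impersonators(SAMPLE_REPLIES))
```

Flagged accounts are candidates for manual review and for the report to Twitter, not proof of fraud; the threshold is a tuning choice.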

If you detect cybercriminals posing as your company’s official channel, report the violation of your intellectual property to Twitter immediately. Twitter may request detailed evidence, but the process is usually pretty straightforward.

In general, use these tips to enhance corporate safety on social media:

  • Avoid creating unnecessary accounts for interactions between the company’s representatives and its clients. Having extra accounts can lead to confusion, and it makes life easier for attackers (who can hide in a haystack of official accounts);
  • Delete corporate accounts that you no longer use. If you leave them active, intruders may eventually gain access and scam users in your name;
  • Change account passwords when the employees who use them leave the company. A former employee with a grudge can leak credentials to cybercriminals.

As with any corporate accounts, protect your social media accounts with strong passwords and instruct the employees who work with them on the basics of cybersecurity awareness. Otherwise, they too might fall victim to a phishing attack, allowing cybercriminals into your company’s Twitter account.