A tale of Twitter fraudsters, an infosec biz boss, and a quest for one honeypot hit

Fraudsters masquerading as ISP support agents to phish payment card details have been unmasked – after they tried to scam a Brit infosec biz cofounder.

Kurtis Baron, director of the Cambridge-based penetration-testing outfit Fidus Information Security, told El Reg today how his cofounder Andrew Mabbitt received a private message from what appeared to be a legit Virgin Media customer support account on Twitter, a message that tried to harvest his bank card details.

The scam began when Mabbitt complained publicly to UK broadband giant Virgin Media on Twitter about a dodgy internet connection.

A crook, operating a Virgin Media support lookalike account, clocked the gripe, and slid into his DMs asking for personal details to help out.

"It seems those behind the account(s) are watching for keywords in real time and sending these messages very quickly; exploiting both the speed of a reply and the frustration being held by the person writing the initial tweet."
