Impostors have attempted a Twitter phishing attack on users of Bitcoin Wallet Electrum. The attackers were clever, creating an exact clone of the original Electrum Twitter account, but using an “I” (uppercase) instead of a lowercase “l.” At first glance, it’s hard to tell the difference.
Interestingly, the phishers decided not to create a whole website around this concept, and have tweeted legitimate information about Electrum. But in one case, as ZoidbergCoin reported, they were most definitely phishing.
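The substitution described above (an uppercase “I” standing in for a lowercase “l”) can be caught mechanically by folding look-alike characters before comparing handles. The Python below is an added example, not part of the original article; the handles, the confusable table and the function names are constructed for illustration, and it assumes the platform treats handles as case-insensitive.

```python
# Added example: flag account handles that render like a protected handle.
# CONFUSABLE_* is a small constructed subset, not a complete confusables list.

# Character sequences that read as a single different letter.
CONFUSABLE_SEQUENCES = [("rn", "m"), ("vv", "w")]
# Single characters that render alike in common sans-serif fonts.
CONFUSABLE_CHARS = {"I": "l", "1": "l", "O": "o", "0": "o"}


def skeleton(handle: str) -> str:
    """Reduce a handle to the form a reader's eye is likely to perceive."""
    h = handle.lstrip("@")
    for seq, repl in CONFUSABLE_SEQUENCES:
        h = h.replace(seq, repl)
    # Fold before lowercasing: uppercase "I" is confusable, lowercase "i" is not.
    return "".join(CONFUSABLE_CHARS.get(c, c) for c in h).lower()


def classify(candidate: str, official: str) -> str:
    """Return 'official', 'lookalike' or 'unrelated' for one candidate handle."""
    c, o = candidate.lstrip("@"), official.lstrip("@")
    if c.lower() == o.lower():  # assumption: handles are case-insensitive
        return "official"
    if skeleton(c) == skeleton(o):
        return "lookalike"
    return "unrelated"


def find_lookalikes(candidates, official_handles):
    """List (candidate, official) pairs where the candidate imitates the official."""
    return [(c, o) for c in candidates for o in official_handles
            if classify(c, o) == "lookalike"]


# Constructed sample data (hypothetical handles, not taken from the article).
OFFICIAL = ["ExampleWallet"]
SAMPLE_HANDLES = [
    "ExampleWallet",   # the real account
    "@examplewallet",  # same account, different case
    "ExampIeWallet",   # uppercase I in place of lowercase l
    "Examp1eWa11et",   # digit one in place of l
    "ExarnpleWallet",  # "rn" in place of "m"
    "SampleWallet",    # different name, not an imitation
]

if __name__ == "__main__":
    for cand, real in find_lookalikes(SAMPLE_HANDLES, OFFICIAL):
        print(f"{cand!r} imitates {real!r}")
```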
Kevin Epstein, VP of Threat Operations at Proofpoint:
Is this attack innovative in any way?
“This is an interesting variant of an ongoing security challenge created by the intersection of fake accounts and the use of social media for customer service; we’ve seen a wave of similar attacks recently, as detailed just last week at HERE.”
Is there anything apart from the basic phishing clues that users should look out for?
“Aside from the subtle changes in account names and the number of followers, check the hours posted for ‘Customer Service’ on the legitimate organization’s website. ‘Customer Service’ tweets after-hours aren’t… Of course, check the corporate website’s ‘contact us’ for the real Twitter handles and Facebook pages.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.