A phishing scam involving hackers hiding behind fake customer support accounts on Twitter could result in users giving away their personal login details, security experts have warned.
Hackers are hijacking Twitter conversations between users and customer support accounts in an attempt to nab their passwords, says security firm Malwarebytes.
The scam was reported as early as 2014, but is still doing the rounds in 2016.
The scammers replicate the firm’s Twitter accounts by copying the avatar and Twitter handle as closely as possible.
They then barge into a conversation between a user and a genuine customer service account, usually directing the victim to a phishing link, which can then be used to obtain the user’s login details.
Christopher Boyd, malware intelligence analyst at Malwarebytes, advises users to check the account for a blue Verified tick on Twitter, though this is not conclusive proof as not all companies have one.
The security expert also warns users to check the accounts visitors numbers - a low number for a large firm is suspicious.
Users should also be wary if relies is try to direct them to a website.
“Is your query, which doesn’t really require a website visit, being immediately directed to somewhere you have to login? Is the website asking you to login sitting on a free webhost / not a HTTPS site? If so, you should probably steer clear, says Christopher Boyd.
Image credit: Bethany Clarke/Getty Images