If you think it was only the celebrities that were hit during the Twitter hack last night, you are wrong. As the micro-blogging website went through the worst-ever cyber attack on any social media platforms on Thursday, at least 367 users transferred around $1,20,000 (over Rs 90 lakh) to hackers in Bitcoins before the Twitter teams swung into action to stop the cryptocurrency scam that hit several top-notch public profiles.

COMMERCIAL BREAK
SCROLL TO CONTINUE READING

According to the cybersecurity firm Kaspersky, the major scam flags the fact that we are living in the era when even people with computer skills might be lured into a scammers trap and even the most secure accounts can be hacked.

“To our estimates, within just two hours at least 367 users have transferred around 120,000 dollars in total to attackers. Cybersecurity is undoubtedly one of the top priorities of all major social media platforms, and they put efforts in preventing many attacks every day. However, neither website or software is entirely immune to bugs, nor is the human factor immune to mistakes. Therefore any native platform might be compromised,” Dmitry Bestuzhev, Cybersecurity expert at Kaspersky said.

WATCH | Zee Business Indian App Developers Adda

He said that along with new attack vectors, scams combine old and effective techniques, to use a surprise element and gain people’s trust to facilitate the attack and lure victims into a trap. 

“In addition, the threat actors might gain access to the victim's account in other ways: for instance, it can be penetrating a third-party app with access to the user’s profile, or users password might be brute-forced,” Bestuzhev added. 

How to recognise scam in social media?

The researchers at Kaspersky explain that the most important element of every scam is a time limit. Not only that it prevents a victim from conducting a thorough check on the matter, but it also adds some psychological pressure on the user, making it easier for them to overlook details. Being afraid of missing a great opportunity, even the most careful people might be seduced into taking a risk and falling for attackers' trick.

They said that criminals might even go further and illustrate the scam with an authentically looking design or use Deepfakes. 

“Remember, that it is highly unlikely that any official enterprise or established individual will ask you to transfer money, even to return them later, even as a joke, due to possible issues with taxes and financial reporting,” they added. 

How to stay safe?

The social media users are advised to have a strong password, which is unique so that if another website leaks your credential, your accounts remain safe. They must use memory techniques or password manager to create safe and complicated passwords for each website.

Also, the users are advised to apply two-factor authentication, when login and password need to be confirmed by entering a special code. Alternatively, use a physical key, connected to the separate device through USB-cable or NFC.

They should also start using “Privacy Checker” to help social media profiles more private. It will make it harder for third parties to find highly personal information.