SCAMMERS HIJACK NATWEST CUSTOMER SUPPORT THREAD ON SOCIAL MEDIA
Cyber criminals are hijacking NatWest support threads on social media to steal customers’ details, according to researchers.
Experts from Malwarebytes spotted the scheme, whereby scammers set up fake accounts on Twitter designed to look like the bank’s own profile.
They then offer to “help” customers contacting the bank by directing them to “verification” links that ask for their banking information.
“We sincerely apologize for this, it is only available to verified account holders. Visit [link] to re-verify,” a fake account tweeted to one customer.
Although the scammers frequently have to change their profiles and phishing links, the researchers found that some of the existing links had been clicked as many as 18 times.
They advised users to check to see if the accounts they are dealing with have blue verified ticks, although this is still not conclusive proof that they are genuine.
Customers should also consider whether they should be following links in the first place. If the query would not usually require visiting a site or the page is on a free web host or non-HTTPS site, it is likely to be a scam and they should avoid entering sensitive information.
They should also check the accounts they are dealing with have a suitable number of followers for the major organisations they purport to be and ensure their usernames do not change between different interactions in a support thread.
This is just the latest phishing scam to target users. Last month, text messages were sent to Apple users asking them to enter their Apple account details, and researchers uncovered a campaign designed to trick Amazon users into handing over their account details and payment information.