Home
 » ISP News » 
Sponsored

Keep Watch for Fake Broadband ISP Support Scammers on Twitter

Thursday, January 24th, 2019 (10:18 am) - Score 1,993
Twitter

Broadband customers who complain about their service or seek support from a UK ISP via Twitter need to be extra cautious. A security expert has uncovered how scammers are abusing the platform in order to pose as fake customer service agents, albeit by using one of the oldest but easily overlooked tricks in the book.

In this example the problem began after the co-founder of a Cambridge-based penetration-testing outfit (Fidus Information Security), Andrew Mabbitt, complained to Virgin Media’s official Twitter feed about a problem that he had been having with broadband connectivity.

Within minutes of posting a complaint I got two replies; one from Virgin Media themselves in a public message and another from somebody purporting to be from Virgin Media in my DM’s. It seems those behind the account(s) are watching for keywords in real time and sending these messages very quickly; exploiting both the speed of a reply and the frustration being held by the person writing the initial tweet,” said Andrew.

The Direct Message contact and its linked account looked almost identical to the official one and replicated some of its content, although anybody paying close enough attention will have noted that the twitter handle was @virgincsmedia (this account has now been suspended) rather than @virginmedia.

We should point out that a lot of bigger ISPs have several different accounts on Twitter, some of which are dedicated to providing support and others are more promotional (e.g. @TalkTalkBiz and @TalkTalkBizCare). As such something like @virgincsmedia by itself wouldn’t necessarily jump out at a regular user as being overtly suspicious, but in security terms it’s always wise to be overly cautious of such things.

The message itself asked for Andrew’s name and address (i.e. the one linked to his account) and so for amusement he played along, albeit while using the fictional comic character of Deadpool (Wade Wilson) as his alter-ego. Naturally it didn’t take long before the fraudster (we’ll call this a type of phishing) was asking for the full details of Andrew’s credit card, which is something that a real support agent would never do!

In the end Andrew successfully used his skills to trick the fraudster into clicking a link that exposed his IP address. All of this is a useful demonstration of how scammers will do their best to try and steal your data, even on social media. So be on your guard for fake Twitter accounts and the same goes for Facebook users etc. Credits to The Register for spotting.

Add to Diigo
Mark Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, , Facebook and Linkedin.
Leave a Comment
0 Responses

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Superfast ISPs
  • Hyperoptic £18.00 (*22.00)
    Avg. Speed 30Mbps, Unlimited
    Gift: Code: HYPER19
  • Vodafone £21.00
    Avg. Speed 35Mbps, Unlimited
    Gift: Amazon Echo Plus
  • Direct Save Telecom £22.95 (*29.95)
    Avg. Speed 35Mbps, Unlimited
    Gift: None
  • Origin Broadband £23.00
    Avg. Speed 35Mbps, Unlimited
    Gift: None
  • SSE £23.00 (*33.00)
    Avg. Speed 35Mbps, Unlimited (FUP)
    Gift: None
Prices inc. Line Rental | View All
The Top 20 Category Tags
  1. BT (2428)
  2. FTTP (2036)
  3. FTTC (1612)
  4. Building Digital UK (1557)
  5. Politics (1355)
  6. Openreach (1351)
  7. Business (1190)
  8. Statistics (1054)
  9. FTTH (985)
  10. Mobile Broadband (983)
  11. Fibre Optic (948)
  12. Ofcom Regulation (891)
  13. Wireless Internet (872)
  14. 4G (858)
  15. Virgin Media (819)
  16. Sky Broadband (577)
  17. EE (564)
  18. TalkTalk (558)
  19. Vodafone (481)
  20. Security (399)
Promotion
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact