Beware of social media scam as Twitter Promoted Tweet Steals Credit-Card Details

Pius Serugo

Pius Serugo

, Technology

Chances are pretty high that social media schemes enticing you to “like”, “share” or “follow “someone usually has a connection to scam; – someone is certainly trying to take advantage of you.

Most popular social media sites are enduring a hard task to police their networks as Porn bots, propaganda trolls, and neo-Nazis plague them every day. But as the fight against all this goes on, cybercriminals are also changing skin just to take advantage of anyone they can have.

Recently, a group of cybercriminals leveraged Twitter’s “promoted tweet” feature to push a website that has been designed to steal users’ personal data.

Mike Wehner, a trending news editor from BGR, a tech and entertainment website, brought this into the open on Sunday with a tweet, along with a selection of screenshots of the offending site.

Judging by @MikeWehner’s screenshots, the phishing site first presented a convincing looking, but fake, Twitter page that explained the merits of having an account verified—or certified as genuine by Twitter’s internal apparatus.

“Being verified is more than a cool badge on your profile, it signifies authenticity and ensures the community that you are an official account,” read the page.

According to Wehner, after providing some basic information, the site then asks for a user’s credit-card number, expiration date, security code, and billing address—likely enough information for a cybercriminal to then use those payment details elsewhere.

Many users including marketers and customers who have long been able to pay Twitter to promote posts and or increase the number of people that see them, as well as verify accounts ended up on the dead end of the day.

Corporate organizations and experienced social media Marketers who typically use the feature to boost their advertisements for a further reach should beware of the scums that crop up every other day.

The site now appears to be inactive, only showing a default web server screen, and without any of the phishing content itself.

This is not new to social media users, all you need is to do is ensure you read social media safety tip provided by the service provider.

You can follow a few tips from softonic here;


  • 40