Social Media Cyber Attacks Used to Perpetrate Phishing Scams

Gate.io is a cryptocurrency exchange company - one of the largest in the world with the highest number of types of cryptocurrencies available to be traded. It touts itself as the best platform for novice crypto traders as a secure and user-friendly mobile app for such actions to take place. The company has 6 million users of its site and provides derivatives (USDT-margined and Quanto perp), options, lending, ETF's, and structured finance products. On Twitter, this company has 1.1 million followers and the company utilizes it to inform its followers of new listings, provide guidance via "Crypto 101" tweets, and as a platform to conduct giveaways to lucky winners!

Unfortunately, the company's Twitter account was hacked and used to push a phishing scam. It was reported on October 21 by PeckShieldAlert that the company's official Twitter account was hacked to promote a scam which was claiming to be a Giveaway of up to 500,000 USDT in rewards. The fictitious tweet posted by the hackers offered to pay the first 1,000 winners who claimed the reward a prize of 500 USDT. Users could "claim" the prize by connecting their wallet to what the tweet claimed to be the official website for Gate.io; however, this landing page that folks clicked on was actually a fake phishing page.

The number of individuals who fell for the scam is unknown, but thankfully, the company was able to regain control of the account and take the fake giveaway tweet down. It is clear that whoever perpetrated this attack paid attention to how the company usually styled their tweets - as mentioned above, one of the common things this company used its Twitter account for was to interact with followers by conducting giveaways. This goes to show that regardless of the means by which the hackers go about pushing a phishing scam, they are getting more and more tactful with how they approach these attacks everyday in order to better dupe unsuspecting victims.

With malicious actors working all the time to try and trick us, it is important that we stay vigilant and do what is within our control to not fall for such phishing scams, especially those perpetrated via social media.

• Be sure to review the privacy settings on each social media site your business has a presence on. Ensure that your business' settings are in line with what you find as being in the optimal place of being safe online while also having enough of an online presence for your target audience to know and interact with your company.
• Utilize an antivirus software and ensure your business' networks are up-to-date. These simple steps can help ensure that viruses and malware stay out of your devices and your social media sites are safe.
• Ensure that the marketing/social media team at your company is well-educated in cybersecurity best practices. This includes knowing not to click on links from unknown users, not oversharing information, and password hygiene.

Image by coolvector for Freepik.