Tech support scams are nothing new. Typically with these types of scams, you'll get a cold call, an unsolicited email, or you'll click on an ad for help speeding up your computer or getting rid of a virus. When all is said and done, scammers pose as tech support and gain access to your computer with the information you willingly give them.
The latest twist to this scam, however, is a little bit different. The latest threat discovered by Proofpoint is targeting PayPal users on Twitter.
Here's how it works:
Step 1: Hackers create a fake-but-official-looking PayPal tech support Twitter account.
Step 2: The fake account then responds to frustrated users' tweets with a link to click on to fix whatever the issue may be.
Step 3: Frustrated users click the link and are taken to a fake PayPal login page where they are asked to enter an email address and password.
Step 4: If you entered your information, it's game over.
How to stay safe
You can't spot the red flags if you don't know what to look for. Here's what to keep an eye out for:
- The fake Twitter accounts aren't verified, meaning there's no check mark inside of a blue circle. Be sure to look for the verified symbol.
- With the fake Twitter accounts, you'll notice that there aren't many Tweets and replies. In the examples below, only three and six tweets have been sent, respectively.
Here are the real PayPal account pages compared to the fake, so you'll know where to look.