Before adding and sharing your Fraud Alert please check to see if a similar alert has already been posted, thank you:


At Black Hat: A free tool for spear phishing Twitter

Post a Fraud Alert:

A spear phishing tool to automate the creation of phony tweets – complete with malicious URLs – with messages victims are likely to click on will be released at Black Hat by researchers from ZeroFOX.

Called SNAP_R (for social network automated phisher with reconnaissance), the tool runs through a target Twitter account to gather data on what topics seem to interest the subscriber. Then it writes a tweet loaded up with a link to a site containing malware and sends it.

More on Network World: FBI needs to beef-up high-tech cyber threat evaluations says DoJ Inspector General+

The researchers – John Seymour and Philip Tully – say SNAP_R lets them scale up phishing tries on Twitter accounts. It takes five to 10 minutes to write a single spear phishing email, for example, but it takes a matter of seconds or minutes to generate thousands of spear phishing tweets, depending on how much hardware they throw at the problem.