Why would an individual go to Twitter to seek assistance? Well, because many companies monitor and encourage their customers and potential customers to engage with them in the public forum of the social network, and thereby displaying their customer centric spirit – PayPal is one of those companies – see screen shot of the 4 September 2015 Tweet from PayPal encouraging individuals to engage with them to recover their password.
Thus the user is pre-conditioned to have their request for help, in the manner in which a company has stated their willingness to assist, answered and acted upon. In this instance, the cyber criminal engaged the victim ahead of PayPal. The methodology used by the cyber criminal was not complex and effective due to it’s simplicity.
According to the security researcher (the con had three steps) in which the cyber criminals (“PayPal support”) manipulated the two-step authentication code out of the victim’s hands and into the criminal’s.
The cyber criminals did exactly as you would expect, they reset the victim’s account and then started making purchases. The victim realized this to be the case, and contacted the authentic PayPal support directly ( via telephone: 800 358 7911 – their hours are 0800-2200 M-F, 0800-2100 Saturday and 0900-2100 Sunday) and PayPal did what they should.
What should you do:
- Do not share information received via the second step of an authentication process except within the prescribed manner (i.e. enter your code)
- When using public social network contacts to initiate a service request, understand that any one of the 4 billion internet users can view that public request and some of those individuals may engage with you in hopes that they can scam you out of your account credentials and monetize this information
- If you believe you have been manipulated by a cyber criminal, contact the service provider directly and allow them to assist you – there is no shame in being fooled (it happens to all of us at one time or another)
- Remain vigilant, take your time and verify all who engage you via social networks.
[/vc_column_text][vc_empty_space][vc_single_image image=”55928″ img_size=”full” title=”PayPal’s Statement”][/vc_column][vc_column width=”1/2″][vc_column_text]
If you’re having trouble recovering your password this way http://t.co/kOF6rXnM3L give us a call:) Click ‘contact’ & choose I can’t login.
— AskPayPal (@AskPayPal) September 4, 2015
[/vc_column_text][vc_empty_space][vc_column_text][/vc_column_text][/vc_column][/vc_row][vc_row][vc_column width=”1/2″][vc_column_text]
We would very much appreciate your providing your feedback on this post by answering these two questions.
[divider style=”double”][/divider]Follow us on the social networks and receive all our updates
[/vc_column_text][/vc_column][/vc_row]