Follow us

Twitter bots are threatening to steal you data.

Hackers use chatbots to get access to users' bank account details and use the information to steal funds from Twitter users.

Published: October 4, 2021 By Ozair Malik

Twitter plastic chips in batch

Image source – freepik.com

Hackers use Twitter bots to get access to Twitter users' personal information and make payments to their accounts using PayPal and Venmo payments. The fraudsters are using fake profiles using profile pictures of the source and are tricking users into transferring their funds to their accounts.

The Twitter chatbot scam has particularly risen during the covid-19 lockdown as the world moved to online markets, an ideal scenario for the scammers to loot their targets.

The Twitter bots are automated message replying mechanisms developed by different companies to entertain their users if an attendant isn't available. Still, it seems that hackers did not spare this useful tool and are using it for their interests.

Although there are a few ways to check the validity of online bots, many users who are not computer literate enough often find themselves trapped in this scam.

Twitter is also sweeping out these fake bots and has suspended 70 million accounts, but hackers keep coming up with new ids.

History of Chatbot

Alan Turing, a British scientist, who also cracked the German enigma code, which ultimately led to Germany losing world war II, came up with a computer-generating conversation with human beings, especially over the internet.

 It uses different techniques such as Natural Language Processing(NLP) or analytical sentiments to reply in text or speech with humans or other chatbots. Turing gave this idea in 1950, and chatbots were developed in 1966. Turing's chatbot was called ELIZA, and it generated a psychotherapist's test. More and more developments were made in later decades afterward, and chatbots were improvised for a wide range of chats.


Their Use Today

Today, chatbots have found application in all fields of life, including medicine, education. E-commerce etc.

They are useful in delivering information to the user without having to engage an employee. Also, they require artificial intelligence to be programmed and then afterward take care of the user requirements.

There can also be changes made to meet the ever-changing user demands, and hence they are cheaper to maintain and user-friendly. 40% of the people believe chatbots are friendly and responsible enough to get the relevant information or the job done.


Use of Chatbots in Twitter

Multiple brands have been using chatbots for a good customer experience. These chatbots have revolutionized companies selling strategies by connecting users and companies; this strategy has been particularly successful in Canada as 78% of Canadians believe that it's important for brands to have a social media presence, and 58% think that they will keep buying products via social media.


Why do Brands use Chatbots?

It is in the interest of brands to invest in customer service as it reduces the time taken to place the order and makes the process smooth. All customer needs are also addressed using computerized forms, and chances of errors are also reduced drastically.

Its consequences are already being felt. As per research, the use of chatbots by different brands has the following results:

  • Been quicker at getting back at customers (135%)
  • More responsive to customers (113%)
  • Innovative (135)
  • Transparent (86%)
  • Trustworthy (38%)
  • Likely to be recommended to others (61%)

Over time, more and more research is also taking place, which helps to better the entire process and remove any errors which previously slowed down

The process and brands are continuously working to make customer service user-friendly.


How are Hackers Exploiting Chatbots?

Different brands and charities use catboats for online payments. Fraudsters make fake profiles with the same names and trick users into believing they are genuine brands by using profile pictures of the original brand.

Often, users are tricked into believing their payments are going to their desired organization, but as soon as the payment is made, they are blocked from the fraudsters.

"It's really difficult to differentiate real accounts from fake ones as they all have similar profile pictures and personal information," one user noted.


Which Sites were Affected?    

Venmo payment is a widely used mode of payment for charities; this was also not spared by the fraudsters as they have made fake profiles for this site and are stealing users' money. Often, chatbots are used to access users' personal information, such as their bank account, and then all cash is withdrawn from their accounts.

Some of the users managed to take screenshots of chatbots trying to trick them into sending payments to them.

An image shared by one of the victims of chatbots scam

Image source – portswigger.com


How is Twitter Tackling the Problem?

Twitter has taken down nearly 70 million accounts which were using chatbots to take users personal information. These accounts keep on popping after every some after being taken down. Although twitter has also sped up it's operation against such accounts as it suspended 1 million accounts in a single day.


What are the Consequences?

It is expected that there may be a rare decline in the user base of Twitter, but the company has refused to comment on this.

The company has cracked down sharply on chatbots and trolls after the 2016 US presidential elections. Trolls originating from St. Petersburg claimed to have interfered in the polls and deceived a large population into believing this.

Twitter currently has 336 million users, and the crackdown negates the company's claims that less than 5% of its user profiles are fake and fewer than 8.5% use automated tools.

The problem, however, was how to differentiate between real and counterfeit accounts because many fake accounts used bots to generate hundreds of tweets per day whereas the crackdown was against the dormant accounts, so a lot of open accounts were also removed but experts believe that by removing the suspicious accounts, the overall safety of users from manipulation has increased.


What is Your Responsibility?

When it comes to user protection, the user has a responsibility alongside the company. All online platforms have advised their users to be vigilant while dealing with a stranger online, especially when they have to transfer their funds. Some guidelines given to the users in this regard are:

  1. IP Correlation —The geographical location of Twitter accounts.
  2. Time-Based correlation — the release of tweets nearby 
  3. Automation— When an account replies to short tweets which seem automated.
  4. Content Similarity — when the same content is tweeted at the same time.
  5. Account creation — Accounts made on the same day.
  6. Account Description — when an account seems automated if it includes numbers in its name and has no profile picture or bio.
  7. Account Activity — When an account follows many accounts, has not many followers and tweets faster than a human being.

Conclusion

All social media platforms should make their security tighter and require a valid verification of human users, and users should also follow safety guidelines to avoid getting scammed. Both parties share equal responsibility and should seek guidance from one another for a better experience.

As the digital age progresses, there are new challenges constantly arising that need to be tackled for better utilization of resources. Cyber security is the main focus of many companies

Tags: 
News
Author
Ozair Malik
A passionate Cyber Security researcher and writer with a keen interest in Digital Forensics. A community worker running a insta blog to raise cybersecurity awareness among laymen.

Write a review

click to select