Criminals use social engineering on social networks to get money from users

A dangerous new trend in the cyber world has been identified, as online criminals intensify their efforts to extort money from unsuspecting users by employing sophisticated social engineering techniques. Cybersecurity experts warn that criminals have begun compromising user accounts on social media and mimicking the communication style of legitimate account holders to gain the trust of their friends.

Mechanism of attack

Cybersecurity experts  say that the first step in this scheme is to compromise a user's account on social networks, targeting platforms like Revolut, which are popular for online transactions. Once the account is accessed, the criminals analyze conversations to understand the account holder's communication style and identify potential victims who are likely to offer financial assistance quickly.

Experts have identified that attackers use private messages to communicate with friends of potential victims, offering plausible scenarios like "my card is blocked" or "my account has been frozen," tapping into people's natural desire to help in times of need.

Payment method and detection avoidance

A distinctive aspect of this scheme is the use of Revolut's link payment method. This method allows criminals to avoid detection more easily, as the payment link does not require access to the victim's Revolut account. Instead, victims are encouraged to access the link and send the money directly to the criminals' accounts.

User recommendations

Cybersecurity experts offer the following recommendations for users:

• • Be on the lookout for messages asking for financial help via private messages, even if they come from friends or acquaintances.
• • Always verify the account holder's identity through alternative channels, such as phone calls.
• • If you have fallen into the trap, notify your bank (in this case Revolut) immediately to block transactions and provide information for investigation.
• • In case of damage, file a complaint with the nearest police station and notify the Department of National Cyber Security (DNSC).

This growing scheme highlights the importance of increased awareness among users to avoid falling into the ingenious traps of cybercriminals. Citizens are urged to inform and educate themselves to counter these persistent online threats.