Monday, June 25, 2018

Phishing scam streams

How to avoid getting caught in a phishing scam stream.

phishing scams live streamsSo no platform is safe from this type of a scam. A phishing scam is basically fraudulent attempts to obtain sensitive information like username, passwords and in the Twitch world of things it will include video game accounts and virtual goods.

I just recently hear of a Twitch viewer failing for a phishing scam. Here is what happened, they are fans of 'Old School Runescape' and noticed a streamer on Twitch with around 2,000 viewers playing that video game. This Twitch channel had a profile panel with information linking to a phishing website that looked exactly like the runescape forums.

So what happened was the viewer, checked out the Twitch's streamers profile, saw the link to what they thought was the official forums because the streamer wrote in the profile panel section they were quitting the game and giving away their items on the supposed linked forum thread. So the viewer thought oh cool, this streamer is giving away his stuff let me go check it out. So they clicked on the link that was in the profile, which was made to look exactly like the runescape forums. They put in their runescape account information and seconds later found themselves under a DDOS attack.  During that time frame their runescape gold, items were all stolen.

So here is what you need to always remember to prevent this exact sort of thing happening to you.
  • Do not click on any random links in chat, whispers or profile sections for channels.
  • Note even banners or streamer panels can have links pointing to external websites.
  • Preview All URLS by mousing over, if they are short URLs do not trust them at all.
  • If you trust the streamer and believe the links are ok, double check to make sure they are going to legitimate sites.  Sometimes hackers do extremely tiny changes to accounts such as changing out a link and just one link on a webpage leading to a phishing site.
  • Remember a old saying, if its to good to be true, it probably is, if someone is offering something as a giveaway or promotion that wants username information, emails and other things make sure to verify the legitimacy before supply any personal information.
Majority of phishing scam that occur on the twitch platform are basically private messages text offerings with shortURL links that go to phishing webpages. This was the first time I heard of a stream being used as a way to phish.


Do you know of any phishing attempts happening on the Twitch platform? If so please share them in the comments section below.
Posted by at
Labels:
No comments:

Post a Comment

Subscribe to: Post Comments (Atom)