Researcher-created Twitter bot phishes two out of three users

Baltimore security firm ZeroFox made the SNAP_R bot as a proof-of-concept for the next generation of phishing techniques, explaining its methods in a paper released at the recent Black Hat security conference. It uses machine learning to churn through a victim’s tweets and those of their followers, then sends a dynamic message relevant to their interests. It uses clustering to identify high-value targets based on social engagement, like followers and retweets, and measures the bot’s success by tracking clickthrough rates. In summary, the researchers claim it to be “the world’s first automated end ­to ­end spear phishing campaign generator for Twitter.” The ZeroFox team created SNAP_R as an education and security assessment tool: like many firms, they are often hired to attack clients using cutting-edge methods that real hackers would…


Link to Full Article: Researcher-created Twitter bot phishes two out of three users