Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

At Black Hat: A free tool for spear phishing Twitter

Tim Greene | July 22, 2016
Twitter accounts are a good place to try spear phishing because of the combination of language used, APIs to rich data and use of shortened links

For enterprises, the tool can be used for internal testing to find out how susceptible workers are to falling for the phony tweets, says Evan Blair, chief business officer for ZeroFOX. It’s never dawned on a lot of Twitter users that they could be phished in a tweet, so just making them aware of the problem could help reduce the number who fall for it, he says.

The researchers acknowledge that the tool could be used for spear phishing, but they’ve included a defect to mitigate the malicious use of it. For verified white-hat researchers they say they can remove the defect.

SNAP_R runs on Ubuntu and OS X, and operates in three phases. The researchers crafted it to work with Twitter, but similar tools could be made for other social networks.

Writing the tool took Seymour and Tully, both Ph.D. students specializing in data science, about two months.


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.