Cyabra's Nasdaq News: Read More Here

165 Profiles and the Bank Ain’t One: BNI Impersonation 

Bank Negara (BNI) might be “just” the fourth-largest bank in Indonesia, but it has 1,000 branches all over the world, including Tokyo, London, and New York. 

Financial services are the most impersonated industry in phishing scams (according to Central Bank), and Bank Negara turned out to be a classic case study of this growing threat intelligence issue. 

Cyabra discovered 165 Twitter accounts impersonating Bank Negara Customer Care. Those were not merely malicious actors hoping for some quick scam money – the fake profiles were operated with expertise and precision. An example of that is the fake verification mark on their profile pictures, as seen below.

Laughing All the Way to the “Bank”

In the last 3 months, Cyabra identified 2,600 posts, replies, and retweets created by those fake accounts impersonating BNI Customer Care. The profiles also imitated the writing style of the real Bank Negara, introducing themselves using random names of Customer Care representatives, and writing in a similar fashion. 

Instead of slowly growing the social presence of the fake accounts and waiting for people to fall in their nets, the bad actors pretending to be Customer Care were active, finding real profiles’ posts that tagged Bank Negara asking for help. The fake profiles then responded as the Customer Care representatives offered their assistance, and included a link to a WhatsApp chat – which was, of course, a phishing link. They were also retweeting the post created by the real profiles to gain more exposure. 

The fake accounts were careful to stay under the radar – they didn’t create any original content of their own or offer any services. They only retweeted real profiles’ content. 

The screen capture below show the real Customer Care account interacting with a customer, and the fake one doing the same. Could you tell the difference? Check out the spreadsheet at the bottom of the article for a detailed comparison by Cyabra’s analysts.

The Real BNI account
The Real BNI account
The Fake account - notice the fake verification mark
The Fake account – notice the fake verification mark


This social engineering method, clearly created with a deep understanding of the Twitter algorithm, not only presented the false impression of authentic profiles with a large consumer base but also managed to mislead quite a lot of people:
75% of the interactions with the fake profiles were authentic profiles that had no idea they were talking to scammers.

 

Can You Identify Malicious Actors Impersonating Your Company?

Impersonations are becoming a growing risk for large companies. Even if you’re a threat intel or cyber security expert, identifying fake profiles and fake content on social media requires a completely new skill set. Not only that: your fans and followers on social media are now expecting a company or brand to be the first to know of any impersonations or fake profiles using their names, and alerting the same fans and followers, warning them to watch out for scams. 

Don’t wait for customers’ disappointment to turn into resentment and consumer rage. Cyabra provides accurate, cross-platform, multi-language, real-time social threat intelligence. Contact us to set up a demo.

 

Check out the comparative analysis of BNI’s real profile vs. the imposter, created by Cyabra’s analysts: 

Download the full report

Related posts

Former Secretary of State Mike Pompeo Joins Cyabra’s Board

Cyabra is thrilled to announce the appointment of 70th Secretary of State Mike Pompeo to its Board of Directors. As a prominent figure in the...

Rotem Baruchin

January 11, 2024

Bots Break the Bank: NY Community Bank Crisis

Among the troubles that New York Community Bank (NYCB) has been facing over the past two weeks, an online storm of fake profiles might look...

Rotem Baruchin

February 14, 2024

Misinformation Monthly – September 2023

Each month, our experts at Cyabra list some of the interesting articles, items, essays and stories they’ve read this month. Come back every month for...

Rotem Baruchin

September 7, 2023