“Are you looking for a part-time job?”, “Do you need to work online?”. This is how some of the direct messages that some Twitter users have received in recent weeks begin, those who have activated the function of receiving communications. On certain days, you may find four or five windows offering you remote or part-time employment. Of course, the messages are in English and are not addressed to a person, but to entire groups that the senders create; that’s what can help trigger suspicion.
The sender encourages the user to write to him through a messaging application to inform him in greater depth about the offer and insists that neither his gender nor his age is relevant. In some cases, there is talk of “sales growth services” for some online trading companies; However, according to Josep Albors, director of research and awareness of the computer security company ESET, the strategy seems “similar to the recruitment of muleteers that has been seen for more than 10 years.” At first, cybercriminals tried to capture through email, then SMS, and now on social networks.
The messages are in English and the sender encourages the user to write to him through a messaging application to inform him of the details of the offer.
A muleteer is in charge of receiving the money provided by victims of cybercrime activities or that comes from bank account thefts, and then sends it to the criminals, who are usually outside of country, according to Albors, who insists that the muleteer You may or may not be aware that you are committing a crime. “You are receiving money that you do not know where it is from and you are forwarding it to other accounts that criminals provide you, thinking that it is all legal and keeping a commission,” explains the expert. Many times, criminals disguise the activity as if it were a legitimate business.
In any case, the one who will always be harmed (in addition to the cybercrime victim himself) is the muleteer, who uses his bank account to make the transfers and is the first to be located by the police or prosecutor. “It is quite difficult to reach those who are behind everything because the accounts in which they receive the money are constantly changing, being emptied and closed, and, moreover, most of the time they are outside of country. It is not as easy as stopping the muleteer”, insists Albors.
Getting random job offers by twitter DMs now? Wtf?
No, I will not be taking your suspicious looking job via this suspicious blocked link. Goodbye.
— Yureio👻Gheistor ~VTuber~ (@YureioChannel) September 9, 2022
Another possibility is that cybercriminals are trying to “capture people by promising them very high profits if they invest their money in cryptocurrencies and follow their advice, when what they are doing is a pyramid scheme,” says the researcher. In one way or another, they may be looking for users who are in difficult economic situations and who are not going to ask many questions.
However, many times, these spam campaigns are directed at the largest possible number of users, regardless of the country they are in, their profile or their economic situation: “As cybercriminals play incognito, they are not afraid that everyone gets it. They do trawling, they send it to all the users they can and whoever bites has bitten”, clarifies Albors.
Although this type of campaign occurs on any platform, both in social networks and in email services or even in SMS, in this case it is Twitter that has seen a proliferation of these alleged job offers. The platform says: “We fight spam and malicious automation strategically and at scale with machine learning tools, and we regularly review and update our rules to ensure they are applied as intended. In the last year, we have acted on millions of tweets and accounts.
If the user receives a suspicious direct message, Twitter recommends reporting it on the platform itself (by holding down the message on the mobile or by clicking on the three dots that appear next to the message on the web), not downloading any attachments or clicking on the links and remove it from your inbox immediately. To further protect yourself, he advises updating your settings to manage who can send you text messages, and remember that the user is in control and can choose not to accept direct messages from any user they don’t follow.