Phishing emails exploit rumours of Twitter’s plans to dismantle “blue tick” verification – Stay Safe Online

Amid rumours that “blue tick” Twitter accounts may have to start paying a monthly subscription fee or face losing their verification tick scammers are exploiting the news by sending out phishing emails claiming to offer Twitter users a way to bypass the subscription cost.

Over the last few weeks, as Elon Musk became the self-proclaimed “Chief Twit” of Twitter, plenty of rumours have been swirling about the fate of Twitter’s “blue tick” verification feature that is given to well-known Twitter accounts. One such claim is that blue ticks will be dropped for all accounts – even high profile accounts – and only given to accounts that pay a monthly subscription. (We’ve previously explained why that’s a bad idea here)

Phishing scammers rarely miss out on opportunities to exploit the rumour mill, and so we’ve seen a surge of phishing scams purporting to offer verified Twitter users a way to avoid the monthly subscription and keep their blue tick for free.

It should be noted that changes to the blue tick feature are, for the moment, unconfirmed and appear to be in the feasibility stage at this point. As such, emails claiming to offer a way of keeping your blue tick are definitely scams.

Such emails, like the one below, link to spoof phishing websites.

The spoof phishing websites replicate the Twitter Help section, and provide a form where users can enter their username, password and phone number. The information entered into the form is sent to the cyber crooks who can potentially use that to hijack the user’s Twitter account (if they don’t use two-factor-authentication.)

There is likely to be a number of different phishing scams surfacing in the coming weeks using the uncertainty of the blue tick feature as a lure to entice Twitter users.

As always, be sceptical of unsolicited emails, even if they appear to come from Twitter. If the email contains links, think twice before clicking them, and if you do, always check the web address of the destination webpage to see if you’re on the Twitter website (the phishing scams we evaluated sent users to user-generated content on the Google domain.)

In the case of these phishing scams, the FROM email address was a free Gmail email address, not a Twitter email, which is another giveaway.

Keep up-to-date with all the latest cybersecurity threats and our tips to stay safe online. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)