
Phishing emails exploit rumours of Twitter’s plans to dismantle “blue tick” verification – Stay Safe Online

Amid rumours that “blue tick” Twitter accounts may have to start paying a monthly subscription fee or face losing their verification tick, scammers are exploiting the news by sending out phishing emails claiming to offer Twitter users a way to bypass the subscription cost.

Over the last few weeks, as Elon Musk became the self-proclaimed “Chief Twit” of Twitter, plenty of rumours have been swirling about the fate of Twitter’s “blue tick” verification feature that is given to well-known Twitter accounts. One such claim is that blue ticks will be dropped for all accounts – even high-profile accounts – and only given to accounts that pay a monthly subscription. (We’ve previously explained why that’s a bad idea here.)

Phishing scammers rarely miss out on opportunities to exploit the rumour mill, and so we’ve seen a surge of phishing scams purporting to offer verified Twitter users a way to avoid the monthly subscription and keep their blue tick for free.

It should be noted that changes to the blue tick feature are, for the moment, unconfirmed and appear to be in the feasibility stage at this point. As such, emails claiming to offer a way of keeping your blue tick are definitely scams.

Such emails, like the one below, link to spoof phishing websites.

The spoof phishing websites replicate the Twitter Help section and provide a form where users can enter their username, password and phone number. The information entered into the form is sent to the cyber crooks, who can potentially use it to hijack the user’s Twitter account (if they don’t use two-factor authentication).

There are likely to be a number of different phishing scams surfacing in the coming weeks using the uncertainty of the blue tick feature as a lure to entice Twitter users.

As always, be sceptical of unsolicited emails, even if they appear to come from Twitter. If the email contains links, think twice before clicking them, and if you do, always check the web address of the destination webpage to see if you’re on the Twitter website (the phishing scams we evaluated sent users to user-generated content on the Google domain).

In the case of these phishing scams, the FROM email address was a free Gmail email address, not a Twitter email, which is another giveaway.
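
The two checks described above (who the FROM address really belongs to, and where the links really lead) can be automated for mail triage. The following is an added example, not part of the original article; the trusted-domain list, the function names and the sample message are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: the only domain treated as genuinely Twitter-owned in this check.
TRUSTED_DOMAINS = {"twitter.com"}

# Constructed sample message; the sender and the Google-hosted URL are made up
# (the article does not give the exact addresses used by the scammers).
SAMPLE = """\
From: Twitter Verified <verified.support.constructed@gmail.com>
To: user@example.com
Subject: Keep your blue tick for free

Confirm your account to avoid the monthly fee:
https://sites.google.com/view/constructed-example
Help centre: https://help.twitter.com/
"""

def on_trusted_domain(host):
    """True only for a trusted domain or a real subdomain of one."""
    host = (host or "").lower().rstrip(".")
    # Matching on a dot boundary rejects lookalikes such as
    # "nottwitter.com" and "twitter.com.example.net".
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

def check_email(raw):
    """Return findings for a plain-text message that claims to be from Twitter."""
    msg = message_from_string(raw)
    findings = []
    display, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    # Giveaway 1: the display name says Twitter, the address is elsewhere.
    if "twitter" in display.lower() and not on_trusted_domain(sender_domain):
        findings.append(f"display name says Twitter but sender domain is {sender_domain}")
    # Giveaway 2: a link whose destination host is not on the Twitter domain.
    for url in re.findall(r"https?://[^\s\"'<>]+", msg.get_payload()):
        host = urlsplit(url).hostname
        if not on_trusted_domain(host):
            findings.append(f"link leaves Twitter: {host}")
    return findings

if __name__ == "__main__":
    for finding in check_email(SAMPLE):
        print(finding)
```

A FROM header can be forged, so a sender domain that passes this check is not proof of legitimacy; the link-destination check still applies.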

Published by
Craig Haley