When business mogul Elon Musk
completed his acquisition of Twitter, one of his first tasks was to overhaul the microblogging site's verification process. Under the order,
the verification badge will be bundled with the Twitter Blue subscription, which was initially ordered to cost $19.99/month. Current badge holders will have up to 90 days to start paying the new fee before they lose their verified badge.
Not long since this made the news, cybercriminals are already taking advantage of the proposed change by sending
phishing emails to verified users, as
TechCrunch security editor Zack Whittaker recently spotted.
The message claiming to be from Twitter says that the verification badge will cost $19.99 per month starting November 2, 2022 for some users. If the recipient doesn't want to pay the monthly fee, they need to confirm that they are a "well-known" person.
If the recipient clicks on the "Provide Information" link, they will be asked to enter their Twitter username, password, and phone number. At this point, any provided information will be sent to cybercriminals for identity or financial theft.
There are plenty of indicators that this is a phishing email. For starters, it comes from a twittercontactcenter@gmail[.]com address rather than an official Twitter domain. It also opens a Google Doc under a Google Sites URL instead of the official Twitter website.
Even "Chief Twit" Elon Musk isn't sure yet if they will end up charging $19.99 for the new verification system. This is his response to an unhappy tweet by author Stephen King on (not) paying $20 to keep his blue check:
Google took down the phishing site as soon as TechCrunch alerted them. However, given that these scams have cropped up quickly since Musk took over Twitter, it's likely that there will be more Twitter-related phishing campaigns appearing in the future.
To protect yourself from phishing attacks, always be careful when clicking on links or downloading attachments from unsolicited emails. Also, always check the URL of the site you're on; if it doesn't start with twitter.com, for example, then it's likely fraudulent. Finally,
enable two-factor authentication to ensure that threat actors will not be able to access your account even if they get a hold of your username and password.
www.neowin.net
