2 min read

Phishers Targeting Twitter Users with ‘Verified Status’ Scam

Filip TRUȚĂ

December 07, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Phishers Targeting Twitter Users with ‘Verified Status’ Scam

Cybercriminals are leveraging Twitter’s recent removal of ‘verified’ checkmarks for certain accounts in a new phishing campaign designed to steal passwords.

The ‘verified’ badge, a status symbol in the Twiterverse, “tells people that your account is notable and authentic,” as per Twitter’s own description.

“To keep your verified status, please keep in mind that your Twitter account must always be complete,” the company notes. “This means having eithera verified email address or phone number, a profile image, and a display name. Any verified account in severe or repeated violation of our rules may lose their blue badge.”

While Twitter may still have bugs to iron out behind the scenes, it appears many users have been stripped of their blue checkmark with no compelling explanation. The move has prompted malicious actors to target these users with crafty phishing lures asking them to take steps to keep their badge or recover it.

Discovered by BleepingComputer last week, the phony email is sent to verified users, many of whom apparently chose to list an email address in their bio description. An “Update here” button takes unsuspecting victims to a phishing site that displays a form designed to capture the user’s login credentials, including their password.

“After gathering the user's Twitter username, password, and two-factor authentication code, the phishing page redirects the user to the Twitter homepage,” Ax Asharma reports.

If you think you are being targeted by this scam or others like it, don’t engage with the content in the email or text message (especially links) and report the abuse to Twitter.

To paint an accurate picture of your online footprint and find out what key pieces of your digital identity have been exposed in breaches, leaks and data scraping, try Bitdefender Digital Identity Protection.

It helps you control and protect your digital identity with real-time notifications that alert you when your data ends up in data collections on the internet, and you get expert recommendations to fix any privacy issue detected so you can take steps to protect your security and privacy.

And with Bitdefender Total Security – now available free of charge for three full months – you can keep phishing or fraudulent websites and links at bay.

tags


Author



Right now

Top posts

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read
Why and how to hide your IP address while traveling

Why and how to hide your IP address while traveling

April 13, 2022

2 min read
How Bitdefender Can Help Restore Your Privacy in the Digital Age

How Bitdefender Can Help Restore Your Privacy in the Digital Age

April 04, 2022

3 min read
How Strong is VPN Encryption?

How Strong is VPN Encryption?

February 28, 2022

3 min read
Top Three Ways Internet Users Unknowingly Help Cybercriminals

Top Three Ways Internet Users Unknowingly Help Cybercriminals

February 25, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Scam Pixelmon NFT Website Hosts Password-stealing Malware Scam Pixelmon NFT Website Hosts Password-stealing Malware
Vlad CONSTANTINESCU
1 min read
Researchers Find Several JavaScript Processing Flaws in Word, Adobe Acrobat, Other Apps Researchers Find Several JavaScript Processing Flaws in Word, Adobe Acrobat, Other Apps
Vlad CONSTANTINESCU
2 min read
Microsoft May Patch Tuesday Causes AD Authentication Failures Microsoft May Patch Tuesday Causes AD Authentication Failures
Vlad CONSTANTINESCU
1 min read