2 min read

Phishers Targeting Twitter Users with ‘Verified Status’ Scam

Filip TRUȚĂ

December 07, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Phishers Targeting Twitter Users with ‘Verified Status’ Scam

Cybercriminals are leveraging Twitter’s recent removal of ‘verified’ checkmarks for certain accounts in a new phishing campaign designed to steal passwords.

The ‘verified’ badge, a status symbol in the Twiterverse, “tells people that your account is notable and authentic,” as per Twitter’s own description.

“To keep your verified status, please keep in mind that your Twitter account must always be complete,” the company notes. “This means having eithera verified email address or phone number, a profile image, and a display name. Any verified account in severe or repeated violation of our rules may lose their blue badge.”

While Twitter may still have bugs to iron out behind the scenes, it appears many users have been stripped of their blue checkmark with no compelling explanation. The move has prompted malicious actors to target these users with crafty phishing lures asking them to take steps to keep their badge or recover it.

Discovered by BleepingComputer last week, the phony email is sent to verified users, many of whom apparently chose to list an email address in their bio description. An “Update here” button takes unsuspecting victims to a phishing site that displays a form designed to capture the user’s login credentials, including their password.

“After gathering the user's Twitter username, password, and two-factor authentication code, the phishing page redirects the user to the Twitter homepage,” Ax Asharma reports.

If you think you are being targeted by this scam or others like it, don’t engage with the content in the email or text message (especially links) and report the abuse to Twitter.

To paint an accurate picture of your online footprint and find out what key pieces of your digital identity have been exposed in breaches, leaks and data scraping, try Bitdefender Digital Identity Protection.

It helps you control and protect your digital identity with real-time notifications that alert you when your data ends up in data collections on the internet, and you get expert recommendations to fix any privacy issue detected so you can take steps to protect your security and privacy.

And with Bitdefender Total Security – now available free of charge for three full months – you can keep phishing or fraudulent websites and links at bay.

tags


Author



Right now

Top posts

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

December 21, 2021

2 min read
Online Shoppers Beware, Mobile Scams Are on the Rise

Online Shoppers Beware, Mobile Scams Are on the Rise

December 17, 2021

2 min read
The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Bank Indonesia Confirms Conti Ransomware Attack; Stolen Files Leaked Bank Indonesia Confirms Conti Ransomware Attack; Stolen Files Leaked
Vlad CONSTANTINESCU

January 21, 2022

1 min read
Crypto.com Confirms $34 Million Hack Compromised 483 User Accounts Crypto.com Confirms $34 Million Hack Compromised 483 User Accounts
Vlad CONSTANTINESCU

January 21, 2022

1 min read
Moncler Confirms Data Breach After Ransomware Gang Advertises ‘Rich Customer’ Data on Leak Website Moncler Confirms Data Breach After Ransomware Gang Advertises ‘Rich Customer’ Data on Leak Website
Alina BÎZGĂ

January 19, 2022

2 min read