A threat to Twitter verified account owners
Phishing scams continue to target verified account owners on social media platforms. Recently, ongoing campaigns by threat actors have been discovered that target verified Twitter accounts with emails designed to steal account credentials. Verified accounts on Twitter are set apart by a blue tick next to the name, which indicates that the account belongs to a notable influencer, celebrity, politician, activist, journalist, or government or private organization. To receive this “badge of honor”, users must apply for verification, which entails submitting additional information, including ID cards, website references and other reasons to make the account “notable.”
These accounts usually have many followers or are considered high profile in some circles, and are thus highly sought after by hackers to promote phishing campaigns and other malicious activity. Over the past couple of weeks, numerous reports have circulated about verified accounts being targeted by phishing emails pretending to be from Twitter. These emails state that the user’s account has problems and that they should check notifications to learn more about what’s wrong; they also state that ignoring the email could lead to account suspension. Clicking on “check notification” prompts the user to enter their login details. After they do so, the phishing kit conducts a password reset, and the login verification code that is then entered is what the threat actors use to complete the password reset process.
On the 2nd of May 2022, verified journalist Wudan Yan revealed that she had fallen for a similar phishing scam targeting verified Twitter users, promoted through DMs on the social site. Yan shared her experience and how hackers changed her image, bio and account name to appear to be Twitter and began sending further DMs to promote the scam to other users.
Thoroughly check the URL and the corresponding landing page. If an email is stored in the junk folder, make sure to double-check before clicking on anything that looks suspicious. Many might not even know that their accounts have been hacked, so we must take precautions at all times.
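The URL check described above can be automated for links pulled out of an email or DM. The following Python sketch is an added example, not part of the original article: it classifies a link by the host a browser would actually connect to. The trusted-domain list, the brand string and the sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: domains treated as genuine Twitter hosts for this example.
TRUSTED_DOMAINS = {"twitter.com", "t.co"}
BRAND = "twitter"  # assumption: brand string that lookalike hosts tend to embed


def classify_link(url: str) -> str:
    """Return 'trusted' or a 'suspect: ...' reason for a link from a message."""
    parts = urlsplit(url.strip())
    # .hostname drops any userinfo and port and lower-cases the result.
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme != "https":
        return "suspect: not https"
    if not host:
        return "suspect: no host"
    if "@" in parts.netloc:
        # https://twitter.com@other.example/ connects to other.example
        return "suspect: userinfo before host"
    if not host.isascii() or host.startswith("xn--") or ".xn--" in host:
        return "suspect: internationalized host"
    # Exact match or a true subdomain; a bare suffix match would accept
    # hosts such as nottwitter.com.
    if any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS):
        return "trusted"
    if BRAND in host:
        return "suspect: brand name in untrusted host"
    return "suspect: unrelated host"


def triage(links):
    """Map each link to its classification."""
    return {link: classify_link(link) for link in links}


# Constructed sample links (reserved .example names, not real indicators).
SAMPLE_LINKS = [
    "https://twitter.com/settings/account",
    "https://help.twitter.com/en",
    "https://twitter.com.account-check.example/login",
    "https://twitter.com@login.example/verify",
    "http://twitter.com/",
    "https://xn--twtter-4of.com/",
]

if __name__ == "__main__":
    for link, verdict in triage(SAMPLE_LINKS).items():
        print(f"{verdict:40} {link}")
```

A "trusted" result only means the host belongs to the allowlist; the landing page still needs the manual check described above.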