New phishing campaign lures victims with new Elon Musk Twitter verification rules

No, the Twitter blue checkmark doesn’t cost $20


Elon Musk’s purchase of Twitter is being used by scammers as a lure to steal login credentials from “famous or well-known” persons, or those who believe they fit the category.

A new phishing campaign is based around Elon Musk’s plan to monetize Twitter’s Blue Checkmark, a symbol given to accounts whose identities have been verified and is used to minimize impersonation fraud that’s rampant on the platform.

The phishing email claims that the blue checkmark will soon cost $19.99, but only for those who are not “famous or well-known”. Those who fit the category will be able to use the feature for free; all they need to do is confirm their identities.

Providing crooks with sensitive intel

As usual with phishing emails, this one comes with a “Provide Information” link, where victims are redirected to verify their identities. The site is a Google Doc under a Google Sites URL. The landing page comes with an embedded frame that’s actually hosted on a Russian hosting platform.


The whole campaign is relatively amateurish and brimming with red flags. The email is being sent out from a Gmail address (twittercontactcenter), rather than Twitter’s domain, which is arguably the biggest red flag. Then there’s the fact that the blue checkmark won’t cost $19.99, but $8, as was confirmed by the platform. Lastly, there is absolutely no reason for the feature to be free for famous persons.

Other common indicators of phishing emails are the omnipresent sense of urgency (phishing emails always try to scare people into recklessly doing something), as well as typos, spelling errors, and other mistakes.
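The red flags listed above can be checked mechanically on a raw message. The following is an added example, not code from the article or from Twitter or Google; the brand map, domain lists, urgency words and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed, illustrative lists; a real mail filter would load these from policy.
BRAND_DOMAINS = {"twitter": {"twitter.com"}}
FREE_MAIL = {"gmail.com", "outlook.com", "yahoo.com"}
FREE_HOSTING = {"sites.google.com", "docs.google.com"}
URGENCY = re.compile(r"\b(immediately|within \d+ hours|suspended|final notice)\b", re.I)
URL_HOST = re.compile(r"https?://([^/\s\"'>]+)", re.I)

def phishing_flags(raw: str) -> list[str]:
    """Return the red flags found in a single-part plain-text email."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    local, _, domain = addr.lower().rpartition("@")
    body = msg.get_payload()
    # Where the message claims a brand: display name, mailbox name, subject.
    claimed = f"{display} {local} {msg.get('Subject', '')}".lower()
    flags = []
    for brand, domains in BRAND_DOMAINS.items():
        if brand in claimed and domain not in domains:
            flags.append(f"claims {brand} but sent from {domain}")
    if domain in FREE_MAIL:
        flags.append("sender uses a free webmail domain")
    for host in sorted({h.lower() for h in URL_HOST.findall(body)}):
        if host in FREE_HOSTING:
            flags.append(f"link points to free hosting: {host}")
    if URGENCY.search(body):
        flags.append("urgency wording in body")
    return flags

# Constructed sample modelled on the campaign described above.
SAMPLE = """\
From: Twitter Support <twittercontactcenter@gmail.com>
To: user@example.com
Subject: Twitter blue badge update

The blue checkmark will cost $19.99. Verify immediately to keep it free:
https://sites.google.com/view/placeholder-page
"""

if __name__ == "__main__":
    for flag in phishing_flags(SAMPLE):
        print(flag)
```

The embedded frame on the landing page is not visible from the email itself; catching it requires fetching and inspecting the linked page in a sandbox.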

TechCrunch says Google took down the phishing site soon after being tipped off to its existence.

Via: 9To5Mac

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
