How cyber attackers are using the Twitter blue badge verification process for phishing attacks
Fraudsters are targeting verified Twitter accounts — the ones that come with a blue badge — sending fake but well-written messages threatening to suspend the account or deactivate the verification badge in an attempt to steal verified users’ credentials.
Twitter verifies accounts if they are considered notable influencers, celebrities, politicians, sportspersons, journalists, activists, government, and private organisations. To receive the verified “blue badge,” Twitter users must apply for verification and submit supporting documentation to show why their account is to be authenticated. Since it is not easy to gain a blue badge, threats of suspension can lead to people reacting without thinking, making them primary targets for these fraudsters.
“Last month, I received a direct message from an account named Support Center that had a Twitter logo as its display picture and demanded documents like government card, passport and driver’s licence to be uploaded. I had uploaded the Aadhaar card and went quite a few steps with the sender who gave quick replies but then I realised the man was trying to get control of my Google accounts, including G-pay and Gmail and was sending authentication messages and that is when I stopped all communication. I kept on receiving threats but ignored them,” said an actor, who didn’t lodge a cop complaint.
A journalist said he realised he was being conned when the sender forwarded a link of a screen sharing app jolting him to suspend communication and report the matter to Twitter as well as to cops.
“I had received my verification badge after being on the platform for four years and 48 hours since I received the badge. A message in may mailbox said that the credibility of my account was in question and that it can be suspended If I don’t submit some documents. It looked so genuine that I went with the flow but realised the con at the right moment,” he said.
The fraud message often has statements like: “Hello, Twitter User! Your blue badge Twitter account has been reviewed as spam by our Twitter team. Recently some fake and fraudulent methods have appeared that some use to authenticate their accounts with the blue tick. We understand how valuable the blue badge is to you. Please appeal using the form below, otherwise your blue badge may be deleted.”
Twitter has also uploaded it on their website clarifying that the website sends mails only from @twitter.com or @e.twitter.com. “However, some people may receive fake or suspicious emails that look like they were sent by Twitter. Please know that Twitter will never send emails with attachments or request your Twitter password by email,” the notification read.
FacebookTwitterLinkedin
Fraudsters are targeting verified Twitter accounts — the ones that come with a blue badge — sending fake but well-written messages threatening to suspend the account or deactivate the verification badge in an attempt to steal verified users’ credentials.
Twitter verifies accounts if they are considered notable influencers, celebrities, politicians, sportspersons, journalists, activists, government, and private organisations. To receive the verified “blue badge,” Twitter users must apply for verification and submit supporting documentation to show why their account is to be authenticated. Since it is not easy to gain a blue badge, threats of suspension can lead to people reacting without thinking, making them primary targets for these fraudsters.
“Last month, I received a direct message from an account named Support Center that had a Twitter logo as its display picture and demanded documents like government card, passport and driver’s licence to be uploaded. I had uploaded the Aadhaar card and went quite a few steps with the sender who gave quick replies but then I realised the man was trying to get control of my Google accounts, including G-pay and Gmail and was sending authentication messages and that is when I stopped all communication. I kept on receiving threats but ignored them,” said an actor, who didn’t lodge a cop complaint.
A journalist said he realised he was being conned when the sender forwarded a link of a screen sharing app jolting him to suspend communication and report the matter to Twitter as well as to cops.
“I had received my verification badge after being on the platform for four years and 48 hours since I received the badge. A message in may mailbox said that the credibility of my account was in question and that it can be suspended If I don’t submit some documents. It looked so genuine that I went with the flow but realised the con at the right moment,” he said.
The fraud message often has statements like: “Hello, Twitter User! Your blue badge Twitter account has been reviewed as spam by our Twitter team. Recently some fake and fraudulent methods have appeared that some use to authenticate their accounts with the blue tick. We understand how valuable the blue badge is to you. Please appeal using the form below, otherwise your blue badge may be deleted.”
Twitter has also uploaded it on their website clarifying that the website sends mails only from @twitter.com or @e.twitter.com. “However, some people may receive fake or suspicious emails that look like they were sent by Twitter. Please know that Twitter will never send emails with attachments or request your Twitter password by email,” the notification read.
FacebookTwitterLinkedin
Denial of responsibility! Techno Blender is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.