Hackers have their sights set on Twitter users with a verified or Verified accounts. They will receive an email stating that there is a problem with their account. If they click on the URL in the message, they will be taken to a phishing site where cybercriminals have preyed on their credentials.
That writes BleepingComputer. The tech site has received multiple reports from Twitter users with verified accounts in recent days.
Check your name on Twitter
Twitter is a microblog that offers users the opportunity to send a message in the world in 280 characters. The medium has been in the news lately because Elon Musk wants to incorporate the platform. The Tesla and SpaceX CEO has offered $44 billion for Twitter, which has been accepted by the Board of Directors. Musk reported on Twitter today that commercial parties and government agencies may have to pay for the service in the future.
According to the latest figures, Twitter has about 400 million active users. More than 206 million people can be found on Twitter every day. In such a large group, it can be difficult to find reliable influencers, politicians, journalists, activists and celebrities. How can you be sure that whoever manages an account is not a scammer?
To separate the wheat from the chaff, Twitter has come up with blue badges or checkmarks. Anyone who has a checkmark like this next to their account has proof that they are who they say they are. In order to be eligible for this badge, he had to provide additional data to Twitter. Think of a copy of an identity document and references to websites or employers. In this way, Twitterers have to demonstrate that they have a leading status in a certain community (film, music, entertainment, journalism, government, science, etc.).
Twitter accounts with a blue check mark are an interesting target for hackers
Twitterers with a checkmark after their name usually have a large group of loyal followers. The reach of these Twitter users is not only large, so is their impact. Their followers often hang on their lips as soon as they send a tweet and take what this person says as true.
Accounts of twitterers with authority are an interesting target for hackers. The large-scale Bitcoin scam of the summer of 2020 is a good example of this. The accounts of Elon Musk, Bill Gates, Barack Obama, Joe Biden, Jeff Bezos, Kanye West (now Ye), Kim Kardashian, Apple and Uber, among others, had been hacked. They asked their followers to “give back to society” by transferring Bitcoins. The amount in this account would be doubled. In reality, the donations ended up in the pockets of scammers.
An investigation showed that it was a spearphishing attack. Hackers posed as maintenance workers to gain access to Twitter’s internal network. This form of manipulation to obtain personal information from victims is also known as social engineering.
This is how the hackers worked
Back to the story. In recent weeks, Twitter users with a verified accounts received an email. This supposedly came from Twitter Verified, the department that judges whether someone gets a checkmark or not. The message stated that there was something wrong with the recipient’s account and that they needed to act immediately. The email contained a blue button with the text ‘Check notifications’.
Whoever pressed this button landed on a phishing page where he had to enter his login details. To make sure the data entered was correct, Twitter users had to enter their username and password twice. Finally, users are asked to enter a verification code, which they will receive by text message. The scammers used this information to perform a password reset and take over an account.
That way you don’t become the next victim
It is unknown how many victims have been affected by these scams. Some quickly realized that something was wrong. This way they managed to prevent their account from being hacked. Others were less fortunate.
To make sure you don’t become the next victim, first check the sender’s address carefully. If you don’t trust it, contact Twitter and ask for an explanation.
Catch up on more articles here
Follow us on Twitter here