Think Before You Click: Say No to Fake Requests from Verified Twitter Accounts

What’s the problem?

• Off late threat actors are hacking verified Twitter accounts.
• This is being done to send fake suspension messages to steal other verified users' credentials.

Who are verified Twitter users?

• The Blue Tick or the Blue Badge which one sees against notable public figures, influencers, celebrities, and others are verified Twitter users.
• To receive the verified 'blue badge,' Twitter users must apply for verification.
• It is not easy to obtain a blue badge, and threats of suspension can cause people to react without thinking. Over this uncertainty, such accounts are prime targets for threat actors.

What happens after the victim receives the email?

• The threat actor via Twitter DMs sends in the message that the victims account was being suspended for some fake reason.
• The email will emphasize that the victim's account has been flagged as inauthentic and unsafe.
• The email also explains how Twitter takes the security of its platform very seriously and hence the suspension.

How to test the authenticity of the email?

• To test the phishing scam, visit the tinyurl.com address in the DM.
• This will redirect the user to https[:]//twitter-safeguard-protection[.]info/appeal/.
• Ensure that the user enters the correct login details and password.
• If not, then the phishing site rejected incorrect usernames/passwords.
• As fake email addresses and passwords were rejected, this indicates that the phishing site is using Twitter APIs to check for valid account information.
• Enter the correct information, and ensure that the Authenticity Check is completed.