As Twitter Pulls Legacy Checkmarks, Hackers Pounce With Phishing Emails
If you’re a Twitter user with a legacy blue checkmark, watch out for scams.
Hackers are exploiting Twitter’s decision to remove legacy verified badges from user accounts beginning April 1. They're circulating phishing messages that impersonate Twitter and pretend to offer a chance to keep the verified blue checkmark—if the user submits their login information.
Several Twitter users today reported receiving emails with “Last call on verified accounts” as the subject line. The messages claim Twitter plans on removing the blue checkmark on April 1, but only for inactive and incomplete accounts. In reality, the company is winding down the feature for all consumers, unless they pay to subscribe to Twitter Blue, which costs at least $8 per month.
The phishing message contains a button labeled “Check issues now,” which links to a hacker-hosted web page seemingly designed(Opens in a new window) to trick users into typing in their email address and password.
Although the email and hacker-hosted web page contain the same design language as Twitter, a closer look shows both originate from a non-Twitter domain—an obvious sign that the whole scheme comes from a scammer.
It’s not the first time scammers have crafted phishing messages about Twitter’s verified checkmark. In October, hackers tried to exploit the company’s initial plan to charge users for the blue checkmark by sending phishing emails to users claiming they had to submit personal information to keep their verified status.
Twitter CEO Elon Musk is killing the legacy blue checkmark because, he says(Opens in a new window), “the way in which they were given out was corrupt and nonsensical.” Instead, he’s allowing any user to receive a verified badge if they're willing to
Read more on pcmag.com
