Twitter Verified Accounts Now a Source of Cybersecurity Issues

Published: November 03, 2022

Elon Musk’s attempts at charging users to keep their verified status have opened up the Twitter community to a spate of issues, the latest of which are serious cybersecurity concerns.

Phishing email campaigns are not rare, nor do they require specific circumstances to be carried out efficiently. But Musk’s conniving attempt at charging users for something they already have, under the threat of taking it away, has opened the door to a series of malicious actors.

An unknown group of cybercriminals has launched a phishing campaign that tried to get Twitter users to leave their private information on a fake website disguised as a Twitter help form.

The attackers sent emails from Gmail accounts posing as Twitter, with not-so-clever handles such as “Twitter Contact Center.” The body of the email isn’t particularly clever either, but that hasn’t stopped phishing campaigns before.

Twitter Phishing Email
Source: TechCrunch

The link in the email leads to a Google document that contains another link, this time to a different Google site that lets users host their own content. That page contains an embedded frame from a website hosted by a Russian web host called Beget, and the framed page requires users to input their Twitter handle, password and phone number. This is enough information to endanger any account without 2-step verification in place.

The complexity of this scheme is an attempt to confuse Google’s automated detection systems, which it did successfully.

It required manual detection, and luckily, the team over at TechCrunch was more than willing to lend a hand. They uncovered the plot and alerted Google, which then took down the website in a short period of time.

“Confirming we have taken down the links and accounts in question for violations of our program policies,” a Google spokesperson told TechCrunch. They notified Beget of the issue as well, which proceeded to take down the malicious domain.

It isn't clear as of yet how many Twitter users fell for the scheme and what the extent of the damage is.

The email campaign itself was very basic and didn’t have many moving parts. It was clearly put together on short notice to take advantage of the chaos Musk’s $44 billion acquisition of Twitter has caused for the social network.

Phishing email campaigns such as these are a reminder that people are the weakest link in the cybersecurity chain.

Always verify who the email is coming from before providing any information or clicking any buttons.

Thankfully, there was someone watching over the users this time. That may not be the case again.
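The sender check advised above can be automated for the pattern this campaign used: a brand display name on a Gmail address, with a link to a Google-hosted document. The following is an added example, not code from the article or from TechCrunch; the domain lists, the function name `assess` and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed lists for illustration; a real deployment would maintain its own.
BRAND_DOMAINS = {"twitter": {"twitter.com"}}
FREEMAIL = {"gmail.com", "outlook.com", "yahoo.com"}
USER_CONTENT_HOSTS = {"docs.google.com", "sites.google.com"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+")

# Constructed sample messages (addresses and links are placeholders).
SAMPLE_PHISH = """\
From: Twitter Contact Center <placeholder-sender@gmail.com>
Subject: Your verified badge

Complete the help form: https://docs.google.com/document/d/EXAMPLE/edit
"""
SAMPLE_LEGIT = """\
From: Twitter <info@twitter.com>
Subject: New login

Review it at https://twitter.com/settings/security
"""

def assess(raw):
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    findings = []
    for brand, allowed in BRAND_DOMAINS.items():
        # The display name is free text; only the address domain is compared.
        ok = any(domain == d or domain.endswith("." + d) for d in allowed)
        if brand in display.lower() and not ok:
            kind = "freemail" if domain in FREEMAIL else "unrelated"
            findings.append(f"display name claims {brand}; sender is {kind} domain {domain}")
    # Collect every text part so multipart messages are covered too.
    body = "\n".join(
        p.get_payload(decode=True).decode(errors="replace")
        for p in msg.walk() if p.get_content_maintype() == "text"
    )
    for url in URL_RE.findall(body):
        host = (urlparse(url).hostname or "").lower()
        if host in USER_CONTENT_HOSTS:
            findings.append(f"link points to user-hosted content on {host}")
    return findings

if __name__ == "__main__":
    for name, raw in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(name, assess(raw))
```

A link to a user-content host is only a weak signal on its own, since legitimate mail uses such links too; it matters here in combination with the sender mismatch.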
