14 DAY TRIAL // Cybercriminals would do anything to get their hands not just on your Facebook account but also on the one for Twitter, and a recent attempt consisted in attracting users with the promise of a verified account checkmark next to their micro-blogging handle.
Twitter offers the verified account badge to key individuals and brands using the platform in order to “establish authenticity” of their identities. It focuses on users in all domains, but the important thing is for them to be great influencers.
This means that they must be in the heavyweight category, as the company does not accept verification requests from the general public.
Malwarebytes reports of such an attempt that is clearly the work of dedicated cybercrooks, since they went to great lengths to make the landing page look legitimate.
The most important aspect regarding the fake page is that all the links lead to legitimate pages, hosted on Twitter’s domain, which can only increase the victim’s trust that the entire verification process is valid.
However, entering the Twitter credentials for account validation purposes actually delivers them in the hands of the crook. All this happens in the background and all the victim sees is a redirection to the verified accounts FAQ page.
The page no longer exists, but in order to avoid giving up the credentials, users are advised to take the precaution of informing themselves about the services provided by a company by reading the original documentation.