Watch out for a scam promising to get your account verified

Feb 1, 2017 21:06 GMT

Twitter users are being targeted by a phishing campaign seeking to fool people into thinking they’re getting a “verified” badge on their accounts.

According to cybersecurity firm Proofpoint, legitimate paid ads targeting brand managers and influencers have been placed on Twitter, SecurityBrief reports. The ads, however, link to a phishing site offering account verification for Twitter users.

The ads come from an account, @SupportForAll6, that imitates the official Twitter support account, although the façade doesn’t hold up to even a little digging - the account has a low number of followers, for instance. And for an account that promises to help others get their checkmarks, it doesn’t have one itself.

The link in the ads takes users to a domain called twitterhelp.info, which should give the scam away. The domain appears to resolve to an IP address that has been used for phishing activities before.

Asking for it all

The site looks pretty good and can easily be mistaken for the genuine article, using all the right background colors and logos. However, when users follow the instructions to get their accounts verified, they’re asked for plenty of information that will end up in the wrong hands - Twitter usernames, emails, phone numbers and account passwords. Then they’re asked for a credit card number and that magical security code on the back that unlocks it all.

“While there is no validation on the form asking for account information, allowing users to submit empty values, this is not the case with the financial information; this cannot be submitted without providing the requested credit card information,” Proofpoint says.

Users are then thanked and sent on their merry way, left to wait forever for their Twitter checkmarks.

The phishing technique isn’t anything new, but the site used looks more convincing than many others used in such schemes. On the other hand, there’s been a 150% increase in social media phishing attacks in the first six months of 2016. By the time the third quarter rolled in, the volume jumped to 300%.