The phishing messages say 'Last call on verified accounts' in the subject line, in an attempt to dupe unsuspecting users with legacy blue checkmarks into revealing account data.
If you’re a Twitter user with a legacy blue checkmark, watch out for scams.
Hackers are exploiting Twitter’s decision to remove legacy verified badges from user accounts beginning April 1. They're circulating phishing messages that impersonate Twitter and pretend to offer a chance to keep the verified blue checkmark—if the user submits their login information.
Several Twitter users today reported receiving emails with “Last call on verified accounts” as the subject line. The messages claim Twitter plans on removing the blue checkmark on April 1, but only for inactive and incomplete accounts. In reality, the company is winding down the feature for all consumers, unless they pay to subscribe to Twitter Blue, which costs at least $8 per month.
The phishing message contains a button labeled “Check issues now,” which links to a hacker-hosted web page seemingly designed(Opens in a new window) to trick users into typing in their email address and password.
Although the email and hacker-hosted web page contain the same design language as Twitter, a closer look shows both originate from a non-Twitter domain—an obvious sign that the whole scheme comes from a scammer.
It’s not the first time scammers have crafted phishing messages about Twitter’s verified checkmark. In October, hackers tried to exploit the company’s initial plan to charge users for the blue checkmark by sending phishing emails to users claiming they had to submit personal information to keep their verified status.
Twitter CEO Elon Musk is killing the legacy blue checkmark because, he says(Opens in a new window), “the way in which they were given out was corrupt and nonsensical.” Instead, he’s allowing any user to receive a verified badge if they're willing to pay.
However, a growing number of celebrities—including NBA player LeBron James(Opens in a new window) and NFL quarterback Patrick Mahomes, and several news organizations—have said they will not pay for the blue checkmark. That’s raised concerns that scammers and pranksters will exploit the situation to create verified accounts impersonating celebrities and well-known brands, like they did before in November when Twitter Blue first rolled out.
A business verified account costs $1,000 per month, but Twitter will exempt the top 10,000 most followed companies and organizations from that fee, Variety reports(Opens in a new window).
Recommended Comments
There are no comments to display.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.