Twitter's Verification Controversy Is Rapidly Turning Into A Cybersecurity Threat

twitter profile
As Elon Musk pushes to begin charging users to keep their coveted check marks, it appears scammers are beginning to target users who already have one by their username. The new CEO of Twitter has also mentioned that the verification process is currently being "revamped."

In what Musk says is an attempt to make Twitter a profitable business, the billionaire quickly began making sweeping changes shortly after finalizing the deal to take over last week. Those decisions have ranged from laying off employees, to the much discussed raise in cost of Twitter Blue. Now, it seems that scammers are trying to take advantage of the flurry of events, as some verified accounts have become the target of phishing campaigns.

musk tweet revamp verification

Becoming a verified user on Twitter currently requires jumping through some hoops. Some well established accounts have yet to be granted the privilege of having a checkmark beside its username. So, when Musk announced that verified users will have to start paying to keep their coveted badge, it has left many disgruntled and with a few questions. This has led some nefarious threat actors to try and take advantage of the situation, by implementing new phishing campaigns targeting verified users on Twitter.

In a recent post, BleepingComputer shared a few examples of emails it has received in the days since Musk's take over of Twitter. It says the "emails convey a false sense of urgency, urging the user to sign-in to their Twitter account or risk 'suspension.'"

The origin of the emails is said to be from servers of hacked websites and blogs. If you happen to click on the link within one of these emails, you are taken to a phishing webpage that misrepresents the $8 monthly fee associated with the Twitter Blue service. It aims to collect a user's Twitter username, password, and then goes as far as sending them a two-factor authentication code via SMS.

If you are a verified user on Twitter, be aware that there are more than one of these types of phishing scams currently circulating. Therefore, in the coming days and weeks, be extremely cautious and weary of any suspicious emails you may receive from accounts stating to be from Twitter. One good policy is to always look at the sender's email address. If it is not from an official Twitter account, then it is more than likely a scam.