Twitter Phishing Campaign Targeting Verified Accounts

December 6, 2021 - Bleepingcomputer.com reported on an ongoing phishing campaign targeting users who hold the highly sought-after blue verification badge. The pretext is that the account must be re-verified because of an error, or that it has become ineligible to keep its verified status. Verified accounts are perceived as distinguished, notable, and authentic, which is exactly what makes them valuable to an attacker.

The campaign is well timed: Twitter is in the process of enforcing its verification policy by removing the blue checkmark from accounts that no longer meet the requirements for keeping it, such as a verified email address or phone number, a display name, and a profile picture. A user who has just read about badges being removed is primed to believe an email saying theirs is at risk.


The phishing email sends users to a fake version of a Twitter account-update page. The page captures the login credentials and then prompts for the two-factor authentication code that Twitter sends to the user, so the attacker obtains both the password and a one-time code that is still within its validity window. Once the data has been harvested the victim is redirected to the real Twitter home page, so nothing looks wrong. SMS and authenticator-app codes offer no protection against this kind of real-time relay; only a phishing-resistant second factor such as a hardware security key, which is bound to the genuine origin, cannot be replayed from a lookalike site.


One of the best ways to avoid this type of attack is user awareness. If an account update is genuinely required, users should navigate to the Twitter home page themselves rather than following links provided in the notification email, or consult the Twitter help pages for additional information; a legitimate request will be visible from within the account regardless of the email.
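As an added illustration of this advice (not code from the original report or from Twitter), the following Python checks where the links in a suspicious message actually lead. It treats the host the browser would connect to as the truth rather than whatever brand name appears in the URL text, and flags the usual tricks: a brand name placed before `@` in the URL, the brand used as a subdomain of another domain, typosquats, and internationalised (homoglyph or punycode) hostnames. The sample message and every hostname other than twitter.com are constructed for the example.

```python
"""Classify the links in a suspected phishing e-mail.

Added example for the advice above; not the original post's code.
All non-twitter.com hostnames and the sample message are constructed.
"""
import re
from typing import List, Optional, Tuple
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)
BRAND = "twitter"             # brand name we expect attackers to imitate
LEGIT_DOMAIN = "twitter.com"  # the one registered domain that is genuine


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch typosquats such as 'twltter'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def effective_host(url: str) -> Optional[str]:
    """Host the browser would really connect to, or None if not http(s).

    urlsplit() strips userinfo and the port, so 'https://twitter.com@evil'
    yields 'evil', not 'twitter.com'. The hostname is already lower-cased.
    """
    parts = urlsplit(url.strip())
    if parts.scheme.lower() not in ("http", "https") or not parts.hostname:
        return None
    return parts.hostname.rstrip(".")  # drop a trailing root dot


def classify_host(host: str) -> str:
    """'legitimate', 'lookalike' or 'unrelated' for an effective hostname."""
    if host == LEGIT_DOMAIN or host.endswith("." + LEGIT_DOMAIN):
        return "legitimate"  # twitter.com or a true subdomain of it
    labels = host.split(".")
    if not host.isascii() or any(l.startswith("xn--") for l in labels):
        return "lookalike"   # IDN / punycode: classic homoglyph trick
    if BRAND in host:
        return "lookalike"   # brand used as a subdomain or inside another name
    sld = labels[-2] if len(labels) >= 2 else labels[0]
    if edit_distance(sld, BRAND) <= 2:
        return "lookalike"   # typosquat such as twltter.com or twiter.com
    return "unrelated"


def classify_link(url: str) -> str:
    host = effective_host(url)
    return "invalid" if host is None else classify_host(host)


def scan_message(text: str) -> List[Tuple[str, str]]:
    """Return (url, verdict) for every http(s) link found in the message."""
    return [(u, classify_link(u)) for u in URL_RE.findall(text)]


# Constructed sample: one deceptive link, one genuine help-centre link.
SAMPLE_EMAIL = """\
Your verified badge is at risk. Confirm your account within 24 hours:
https://twitter.com@twitter-verify-badge.example/login
Need help? https://help.twitter.com/en/managing-your-account
"""

if __name__ == "__main__":
    for url, verdict in scan_message(SAMPLE_EMAIL):
        print(f"{verdict:11} {url}")
```

The first link in the sample passes a casual glance because "twitter.com" is the first thing in it, yet the browser would connect to the host after the `@`. Resolving the effective host before making any judgement is the programmatic version of the advice above: go to the site yourself instead of trusting what the link says it is.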


What will come next if this campaign is successful? Users need to be on the alert for similar events, or for a repeat of the July 2020 Twitter hack of major 'blue checkmark' accounts, in which authorities arrested a 17-year-old along with two other offenders who they said ran a scheme that took over the accounts of celebrities, including former President Barack Obama and Elon Musk.