Popular Influencers Targeted in Twitter Scam
Hackers who ply their trade on dark web marketplaces have always found ingenious ways to victimize individuals and keep those markets thriving. Twitter users are now the source of stolen information for these criminals. According to a new report, hackers from the dark web have been hacking verified accounts on the social media platform.
The latest hacking scam perpetrated against social media users involves the issuance of false suspension notifications. Notably, the well-written account suspension alerts are crafted to acquire the credentials of verified Twitter users only.
Twitter accounts linked to renowned individuals, such as Hollywood celebrities and other famous entertainers, are among those targeted. In addition, politicians, journalists, and other highly influential individuals, as well as some renowned private and public brands, were reportedly sent the phishing scam notification.
About Twitter Verified Accounts
Authentic Twitter verified accounts boast a prestigious “Blue Badge”. That accolade shows that the owner of the account is of a high caliber. To be a member of the “Blue Badge Gang”, a Twitter user must apply for that status, which is only granted after the verification process is completed. Above all, they must provide proof of their “notability” to be accepted into the verified “blue badge” society.
So far, cyber security analysts have reported that the Twitter phishing scam has stolen the private information of approximately one billion Chinese individuals. This is a huge success for the dark web hackers involved in the latest Twitter scam.
Allegedly, the data stolen by these threat actors is quite easy to acquire, as most targeted individuals hastily click on harmful links controlled by these criminals. According to cyber researchers, this is mostly seen with threats of suspension. A Twitter blue badge is very difficult to obtain and must be protected with the highest integrity. Holders of that honorary title are therefore easy prey for criminal hacking groups and their illegal phishing schemes.
Credible Phishing Scam
The credibility of the scam was recently tested by Sergiu Gatlan at BleepingComputer, who had received one of the phishing emails. The message sent in the targeted scam read, “We’re going to suspend your account.” According to the hackers’ suspension notice, the reporter’s account was suspended for spewing hate speech.
The Twitter direct messages further state that “Spreading hate speech is against our rules of service.” Also, “Your account has been recognized as inauthentic and unsafe by our automated algorithms.”
According to the BleepingComputer reporter, he clicked on the tinyurl.com link sent in the fake Twitter suspension notice. The reporter stated that after he clicked on the fraudulent link, the site requested a Twitter username, and he submitted a test account created for the purpose. Further testing shows that the hackers were able to manipulate and use Twitter’s APIs to fetch the test account’s authentic image.
48 Hours Fake Suspension
Gatlan also revealed that the phishing scam is attached to this URL: https://twitter-safeguard-protection[.]info/appeal/. The criminals’ fake suspension notice also threatens suspension of the account in 48 hours if the authentication process is not completed.
Additionally, the test shows that the threat actors’ phishing site was also coded to reject wrong passwords and email addresses. The reporter stated that the fake Twitter safeguard and protection site only accepts the authentic credentials of the test Twitter account. Therefore, it shows that the criminals had infiltrated the correct Twitter APIs that validate the accounts of the social media platform’s users.
After the authentication process was completed, the phishing website reported the completion of the fake “Authenticity Check”. However, what really happened is that the Twitter account login information was stolen by the criminal hackers. Within a day or two, the authentic owners of the Twitter accounts would be unable to access them.
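The lure described above combines three signals: a URL shortener link, a domain that carries the brand name without belonging to the brand, and a deadline threat. As an added example (not from the original article or BleepingComputer's report), the Python below triages a message on those signals; the allow-list of official hosts, the shortener list, the pressure phrases and the sample message are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumptions for this example: illustrative, incomplete lists.
OFFICIAL = {"twitter.com", "x.com", "t.co"}      # hosts treated as genuine
SHORTENERS = {"tinyurl.com", "bit.ly"}           # destination is hidden
BRAND = "twitter"
PRESSURE = re.compile(r"suspend|48 hours|against our rules", re.I)
# Matches bare or schemed URLs, including the defanged "[.]" form.
URL_RE = re.compile(r"(?:https?://)?[\w.-]+(?:\[\.\]|\.)[a-z]{2,}(?:/\S*)?", re.I)

def host_of(url):
    """Refang a reported URL and return its lower-cased hostname."""
    url = url.replace("[.]", ".")
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").lower().rstrip(".")

def is_official(host):
    # Exact match or a true subdomain; a plain substring or suffix test
    # would wrongly accept "twitter.com.login.example" or "nottwitter.com".
    return any(host == d or host.endswith("." + d) for d in OFFICIAL)

def classify_url(url):
    host = host_of(url)
    if is_official(host):
        return "official"
    if host in SHORTENERS:
        return "shortener"
    if BRAND in host:
        return "brand-lookalike"
    return "other"

def triage(message):
    """Flag a message that pairs a risky link with suspension pressure."""
    urls = [(u, classify_url(u)) for u in URL_RE.findall(message)]
    risky = any(kind in ("shortener", "brand-lookalike") for _, kind in urls)
    pressure = bool(PRESSURE.search(message))
    return {"urls": urls, "pressure": pressure, "suspicious": risky and pressure}

# Constructed sample message, modelled on the wording quoted in the article.
SAMPLE = ("We're going to suspend your account. Spreading hate speech is "
          "against our rules of service. Appeal within 48 hours: tinyurl.com/EXAMPLE")

if __name__ == "__main__":
    print(triage(SAMPLE))
    print(classify_url("https://twitter-safeguard-protection[.]info/appeal/"))
```

A shortener link cannot be judged by its hostname alone, so a real mail or DM filter would resolve it in a sandbox and classify the final destination as well.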