Indian journalists Arun Dev and Kavitha Muralidharan have verified “blue ticks” on Twitter and are sought after by thousands of their followers. As the fiasco around Elon Musk’s takeover of Twitter started to make rounds, and the Tesla CEO proposed an $8 fee for retaining the blue ticks, both Arun and Kavitha were greeted with a link to the ‘Removal Notice.’ Going down the rabbit hole, Arun and Kavitha figured out these were cyber criminals at play leveraging the new global buzz.
Arun Dev and Kavitha Muralidharan were among the thousands of verified badge holders targeted by cybercriminals. Many verified Twitter users have reported getting phishing emails from scammers pretending to be from the official Twitter team. Most of these emails contain the old phishing trick, purposely created to lure victims trying to save their verified profiles on the platform.
These scamsters are relentless, and making the best of Twitter trends. pic.twitter.com/Tu6MnQyEWu
— Arun Dev (@ArunDev1) October 29, 2022
.@verified @Twitter pic.twitter.com/vzhSP1Vfrv
— Kavitha Muralidharan (@kavithamurali) October 29, 2022
The scammers send emails warning users of “Verified” profiles, persuading them to pay a monthly subscription to keep the verified profile badge unless they are popular in their respective communities. According to a few reported emails, the scammers are offering a subscription package of $19.99 per month, which will be initiated after November 2, 2022.
Since Twitter has thousands of verified accounts created by people who are not famous or well-known in the influencer markets, these scammers are targeting them via emails from accounts that mimic Twitter’s official emails.
Once the users click on an email link, they are redirected to the fake Google form instead of the official Twitter support pages. The user is then pursued to enter their username, password, and phone numbers on this form. While Arun was safe as he had enabled multi-factor authentication for his account, Kavitha had grown suspicious of the number of followers on Twitter.
Scammers become active after Elon Musk’s Twitter takeover
According to cybersecurity researcher Graham Cluley, “The world’s richest man’s plans for the news junkie’s favorite social network inevitably get a great deal of attention. Not everyone will know the details of what Elon Musk might be planning for Twitter, but they will certainly be aware that it’s a hot topic.
In an exclusive interaction with The Cyber Express, Graham Cluley noted the severity of hijacking the Twitter account. He said, “Well, not only could your Twitter account be hijacked by someone else – but they might also post malicious content to your followers. For instance, a scammer could post a link that attempts to steal the password of other Twitter users or install malware. In addition, a scammer could try to trick you into handing over financial information – such as your payment card details.”
“The only benefit historically [of a blue tick] is that it has helped give you greater confidence that the person is who they say they are. Celebrities, in particular, have suffered from scammers creating “copycat” accounts in their name,” he added.
Verified users beware! Scammers are exploiting Twitter turmoil caused by Elon Musk's takeoverhttps://t.co/sc8KEeqGNb
— Graham Cluley 🐘 @[email protected] (@gcluley) November 3, 2022
Among the best practices for users, Cluley suggested, “Always check the link goes to the domain you’re expecting, be on your guard against suspicious messages, use a password manager that enters your password for you rather than typing it in by hand (these will check that you are on the legitimate website), never share sensitive information you feel uncomfortable with (payment details, etc.), use different passwords for every website you access and enable multi-factor authentication.”
With Elon Musk’s recent declaration, many verified Twitter users are displeased. He doesn’t care if they like it or not, as long as they pay $8 a month to maintain the status quo. According to Musk, the company has expenses and requires payment from its users.
Several experts have also called it a genius move that would make Twitter profitable. At the same time, others have shared their concerns on companies like Facebook, Instagram, and even TikTok, following suit and charging their verified badge users.
This is not the first time Elon Musk’s social media posts have created controversies on the internet. The Tesla CEO previously Tweeted a statement about Tesla’s plans to no longer accept the cryptocurrency Bitcoin on May 13, 2022. Following the tweet, Bitcoin dropped from $54,819 to $45,700, its lowest since March 1, 2021.