Tech News

Cybercriminals use Twitter’s verification system to steal personal information

A phishing campaign offers a free and permanent verification badge to users in exchange for their data. REUTERS/Kacper Pempel/Illustration/File Photo/File Photo

The cybercriminals are constantly developing new strategies to circumvent the security of the devices to steal the information personal or banking users. In this case, even without being official, the new way of verifying accounts in Twitter is being used for it.

[article_mb_code]

After having made the purchase of Twitter effective, Elon Musk would have as one of its objectives to make verified users pay a total of $19.99 per month to maintain that status within the social network and although the change has not actually happened, some criminals are already including it in their scams phishing.

According to Zack Whittaker, a journalist dedicated to cyber securitythis modification in the system of check in the social network could become a cybersecurity problem because some people would be receiving emails requesting your information such as your username, password and number telephone.

[article_mb_code]

“Don’t lose your state of verified free” is the title that can be read in the fraudulent email that is posing as an official communication from the Help Center of Twitter. Although the email may seem official, the message is sent from an account of gmail instead of an institutional Twitter address, a clear indicator that this is false information.

The email also states that “The verification badge will cost $19.99 per month for some users after November 2, 2022. […] To receive the verification badge free and permanent, please confirm that you are a known person. If you do not provide verification, you will pay $19.99 every month like the other users”.

Phishing campaign on Twitter uses the new verification system to steal user information. (Twitter/@zackwhittaker)
Phishing campaign on Twitter uses the new verification system to steal user information. (Twitter/@zackwhittaker)
[article_mb_code]

In addition, Whittaker indicates that this deception is produced using a page of Google Docswhich contains a link addition to a website where you can find a form in which information is requested from users. Although this measure of security was added by cybercriminals, Google managed to remove both the website from the form and the link that redirected to it.

Changes in the verification system on Twitter

Elon Musk indicated via Twitter that the process of check will have changes, so changes could soon be seen in the requirements that must be presented to obtain the badge check.

The American media The Verge indicates that Musk gave an ultimatum to the workers of the social network: they would be fired if they fail to implement payment for verification by Monday, November 7 of this year.

[article_mb_code]
Elon Musk intends that the user verification process includes a payment of $19.99 per month. (Capture)
Elon Musk intends that the user verification process includes a payment of $19.99 per month. (Capture)

According to the official website of Twitterin order for a user to request verification of their account within the social network, they must comply with three requirements essential and that will help identify that a person is real:

– The account must be authentic: For it Twitter will request some type of reference such as a website in which the user is referenced, a photo of an identity document and an email.

– The account must be relevant: Twitter indicates that verification is granted to people who carry out news coverage and, therefore, have written articles in which the person is referred to. In addition, it also requests a reference such as a Wikipedia article referring to the person or organization to which it belongs.

– The account must be active: Which means that users must have a complete profile with a photo and a name that identifies it, be public to platform users and have a confirmed email address or phone number. Also, as an additional requirement, you must not receive a 12 hour to 7 day ban for non-compliance in the last year.

At the moment there is no official announcement on how it will be implemented for users. At least in the app storein-app purchases are regulated and Manzana requests 30% of the money that is produced, something that has already generated inconveniences in the implementation of some payments on other platforms such as Spotify and that it could also be an obstacle to Twitter.

:

Back to top button