scorecardresearch

Google takes down phishing links that took advantage of Twitter’s ongoing blue tick overhaul

These emails evoke a sense of urgency by stating that the price of Twitter verification badge will be $19.99 per month starting November 2

Google takes down phishing links that took advantage of Twitter’s ongoing blue tick overhaul
Google takes down phishing links that took advantage of Twitter’s ongoing blue tick overhaul. (Photo Credit: Reuters)

Google has taken down the phishing links that took advantage of the ongoing blue tick overhaul at Twitter. The search engine giant has confirmed the removal of such links and accounts as they violated the “company’s program policies.”

For those unaware, a cyberattack was on loose, minutes after Twitter was taken over by Elon Musk and he proposed changes to how one can get a blue tick mark of verification.

According to a TechCrunch report, this phishing email campaign targets Twitter users luring them for a blue verification badge in an attempt to get access to the account passwords of verified accounts. These websites are disguised as Twitter help forms. Reportedly, these emails come from Gmail and have links directing to Google Docs and another website. These emails evoke a sense of urgency by stating that the price of the Twitter verification badge will be $19.99 per month starting November 2 and recipients don’t have to pay the monthly fee if they confirm that they are a “famous or well-known” person.

It further asks for a “short confirmation” to ensure that the receiver is not affected by this situation. It then says that to get the verification badge for free, the receiver needs to confirm he or she is a famous or well-known person.

Once the recipient clicks on “Provide Information,” they are directed to a Google Doc where the page itself contains an embedded frame from another site hosted on a Russian web host, Beget. The multiple layers of obfuscation is most likely an attempt to dodge Google’s automatic scanning tools that scan for malware and phishing activities.

While many could easily fall for this scam, those observing closely can easily spot signs that indicate this is a scam. For starters, the mail comes from Gmail instead of Twitter’s official website. There are also several spelling mistakes hinting that it isn’t a regular or safe email. Last but not the least, asking people to confirm if they are famous or not shows that the email has been drafted hurriedly and also brainlessly.  

ALSO READ | Google Workspace gets expiration date for editor, here’s what it means

Get live Share Market updates and latest India News and business news on Financial Express. Download Financial Express App for latest business news.

First published on: 02-11-2022 at 11:45 IST