Cybercriminals take advantage of Twitter chaos to step up phishing campaigns

There has been a rise in cases of identity theft using account verification and Twitter Blue as lures, according to industry firm Proofpoint

Cybersecurity company ProofPoint has seen a significant increase in Twitter-related phishing campaigns.
Cybersecurity company ProofPoint has seen a significant increase in Twitter-related phishing campaigns.Jakub Porzycki (NurPhoto via Getty Images)

Since Elon Musk completed the purchase of Twitter in late October, there have been a number of cybersecurity issues with the social media app. On example is the paid subscription service that was launched earlier this month in the United States, Canada, Australia and New Zealand offering the blue check for verified accounts without actually verifying the identity of the user. The service became unavailable after there was a wave of impostor accounts and identity theft. According to Reuters, the service is scheduled to roll out again on Friday, but only on Apple’s iOS mobile software.

However, this has not been the only problem to arise as a result of Twitter’s new leadership. According to the US cybersecurity company Proofpoint, its researchers have observed a considerable increase in phishing campaigns. Specifically, the company said, cybercriminals are using account verification and the new Twitter Blue product as lures to steal Twitter credentials.

These attacks are not targeting users in general, but are usually directed at public or media figures including journalists, who are the ones who may have verified accounts, the alert added.

Proofpoint offered some guidelines on how to detect a phishing attempt. The subject lines of these emails usually mention payment of the new premium subscription introduced by Musk, and the body of the message usually includes Google forms for the collection of data and URLs that direct to websites managed by cybercriminals.

Proofpoint insists on the danger of these compromised public figure accounts, which “are then used to spread false information, incite other users to interact with malicious content and get scammed, or to promote more phishing campaigns.”

Proofpoint’s Vice-President of Threat Research & Detection, Sherrod DeGrippo, explained that “it is not surprising that activity has increased in recent weeks. It is very common for cybercriminals to use relevant news or topics to capture the interest of their target and thus increase the likelihood that they will interact with the content of the email.”

In the past, Twitter has recommended consulting @TwitterSafety, although since Musk’s arrival nothing more has been posted.

Sign up for our weekly newsletter to get more English-language news coverage from EL PAÍS USA Edition

More information

Recomendaciones EL PAÍS
Recomendaciones EL PAÍS