If you’re a Twitter user with a legacy blue checkmark, watch out for scams.
Hackers are exploiting Twitter’s decision to remove legacy verified badges from user accounts beginning April 1. They’re circulating phishing messages that impersonate Twitter and pretend to offer a chance to keep the verified blue checkmark—if the user submits their login information.
Several Twitter users today reported receiving emails with “Last call on verified accounts” as the subject line. The messages claim Twitter plans on removing the blue checkmark on April 1, but only for inactive and incomplete accounts. In reality, the company is winding down the feature for all consumers, unless they pay to subscribe to Twitter Blue, which costs at least $8 per month.
The phishing message contains a button labeled “Check issues now,” which links to a hacker-hosted web page seemingly designed to trick users into typing in their email address and password.
Although the email and hacker-hosted web page contain the same design language as Twitter, a closer look shows both originate from a non-Twitter domain—an obvious sign that the whole scheme comes from a scammer.
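The domain check described above can be automated. The following is an added example, not code from the article or from Twitter: it parses a constructed message that reuses the reported subject line and button label, and flags any sender or link host that is not a Twitter domain. The allowlist and the `example.net` hosts are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains treated as Twitter-owned for this check.
TRUSTED = {"twitter.com", "t.co"}

def is_trusted(host):
    """True only for a trusted domain or a genuine subdomain of one."""
    host = (host or "").lower().rstrip(".")
    # Match on a label boundary so "twitter.com.example.net" does not pass.
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

class LinkCollector(HTMLParser):
    """Collects the host of every http(s) link in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href and urlsplit(href).scheme in ("http", "https"):
            self.hosts.append(urlsplit(href).hostname)

def check_message(raw):
    """Return (kind, host) findings for non-Twitter sender and link hosts."""
    msg = message_from_string(raw)
    findings = []
    _, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    if not is_trusted(sender_host):
        findings.append(("sender", sender_host))
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    findings += [("link", h) for h in collector.hosts if not is_trusted(h)]
    return findings

# Constructed sample: subject and button label come from the article;
# the hosts are placeholders, not the real phishing infrastructure.
SAMPLE = """From: Twitter <verify@twitter.com.example.net>
Subject: Last call on verified accounts
Content-Type: text/html

<a href="https://twitter.com.example.net/login">Check issues now</a>
<a href="https://help.twitter.com/">Help</a>
"""

if __name__ == "__main__":
    for kind, host in check_message(SAMPLE):
        print(f"suspicious {kind}: {host}")
```

The `From` header can be forged, so a clean result here does not prove a message is genuine; SPF, DKIM and DMARC results should be checked as well.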
It’s not the first time scammers have crafted phishing messages about Twitter’s verified checkmark. In October, hackers tried to exploit the company’s initial plan to charge users for the blue checkmark by sending phishing emails to users claiming they had to submit personal information to keep their verified status.
Twitter CEO Elon Musk is killing the legacy blue checkmark because, he says, “the way in which they were given out was corrupt and nonsensical.” Instead, he’s allowing any user to receive a verified badge if they’re willing to pay.
However, a growing number of celebrities—including NBA player LeBron James and NFL quarterback Patrick Mahomes, and several news organizations—have said they will not pay for the blue checkmark. That’s raised concerns that scammers and pranksters will exploit the situation to create verified accounts impersonating celebrities and well-known brands, like they did before in November when Twitter Blue first rolled out.
A business verified account costs $1,000 per month, but Twitter will exempt the top 10,000 most followed companies and organizations from that fee, Variety reports.