Following Musk’s announcement on Twitter, scammers have tried to take advantage of the flurry of events, and some verified accounts have become the target of phishing campaigns. Emails from some of these threat actors convey a false sense of urgency, urging users to log in to their Twitter accounts or risk suspension.
The emails are said to originate from servers of hacked websites and blogs. If a verified user clicks on the link in the email, they are taken to a phishing website that misrepresents the monthly fee of 8 dollars for the Twitter Blue service. The website aims to collect the user’s Twitter username and password and then sends them a two-factor authentication code via SMS.
Another of the phishing emails uses wording identical to that of the phishing site itself and has an overall look closer to Twitter’s branding.
The sources for this piece include an article in BleepingComputer.