Site icon Panda Security Mediacenter

Twitter frauds: the blue bird with the power to verify your business

Twitter outage

What separates Twitter commoners from Twitter royalty? A blue badge indicating who has a special account verified by Twitter. These users usually include the most searched and include celebrities and influencers.

Only 187,000 of the 320 million monthly Twitter users are a part of this distinguished club. In addition to giving them a higher rank, this “honor” is also designed to protect their identities from impersonators (fake accounts that pretend to be celebrities). This helps Twitter guarantee that their service is trustworthy.

Before, there was not a direct way of asking for profile verification but this has become much simpler in the past month. Now, anyone can request a profile verification badge by using an online form. But they don’t give the green light to just anyone.

Twitter doesn’t verify anyone’s profile: it continues to be important that they meet the requirements.

The problem with this is that not everyone understands the requirements we need in order to get a blue check-of-approval, even though they continue to be similar to what they were before. A few procedural things have changes, but the standards are much lower. Cybercriminals, who are always ready to take advantage of every opportunity, have already discovered discrepancies in this system.

Fake accounts that look credible that have profile names like “Verified Accounts” with a Twitter logo as a picture, have started posting messages offering user verification to those that want to join this elite group. The posts usually include a shortened link that users think will take them to the blue check mark.

These fraudulent profiles are not what you think, in fact, their mission is to transport you to pages that look legitimate (for example, take you to a website that looks like Twitter, including information about profile verification). In reality, this is a trap designed to collect your information like your email address, username and password.

When the user enters their information, the attackers have everything they need to kidnap the account and use it for malicious purposes like spam or malware distribution. Things can get even harrier if the user has entered a password they commonly use—now the criminal will have access to all of the accounts registered with that password.

There are three tips that one should follow if they want to avoid following into this type of trap. First of all, do not click on shortened links when you are not familiar with the website… only click on trustworthy sources. In addition, have a little common sense: if Twitter already knows your username and email, why are they asking for them again? Be suspicious when a service like Twitter asks you for information it should already know.

Do not click on shortened links when you are not familiar with the website

Lastly, make sure to always use two-step verification when it is available. This will make it so that, even if hackers know your password, they still need physical access like your smartphone to access your account.

In addition to these steps, using a powerful antivirus can help you fight and eliminate those malicious threats lurking on the net.

 

Exit mobile version