Proofpoint, the cybersecurity firm, has confirmed that it has discovered a new Twitter credit card phishing scam. Users of the social media platform Twitter are being offered verified account status via native Twitter ads; the catch is that signing up requires the provision of credit card details, which are then sent to the attackers.
Obtaining verified account status is normally a complicated and lengthy process. Holders of public-interest accounts must complete numerous steps to verify the account holder’s identity. The ads offer users a rapid way of skipping all of those steps. It would appear that the scam was developed with influencers, brand managers, and small businesses in mind. The attraction of bypassing lengthy verification may appeal to them, as some might not ordinarily be able to achieve verified status simply because they do not have immediate access to many of the identification documents demanded by Twitter.
The adverts appear genuine and closely resemble those used by Twitter’s official support team. “@SupportForAll6”, the account used for the advertisements, carries the official Twitter logo and uses the same colour scheme as the official @Support account. To the untrained eye the account looks legitimate; a closer inspection, however, reveals some irregularities. Compared with official accounts, the rogue account has strikingly few followers, and its name is also somewhat suspicious.
By clicking on the ads, users are directed to a website with the domain “twitterhelp dot info”. Once more, this name is rather unusual and should raise suspicions. Nonetheless, the use of the name ‘Twitter’ has often proved sufficient to trick a large number of users, particularly given the colour scheme and branding, which are identical to those used on the real Twitter site.
To register for the rapid verification process, Twitter users have to enter a variety of information, including their account name, email address, telephone number, and account password. Following the initial step, the user is asked to enter his or her credit card number and security code, supposedly for ‘verification purposes’. The unsuspecting user is told that no payment is to be taken; however, Proofpoint has explained that the form includes a payment-collection template taken from GitHub.
This phishing scam is currently being used by criminals to commit credit card fraud. Because the form also collects account credentials, users’ Twitter accounts are being compromised by it as well, and those accounts could then be used for a number of dishonest purposes.
As phishing scams go, the Twitter credit card method is not very sophisticated. There are numerous tell-tale signs that it is a scam; nevertheless, it is still likely to have some success. Researchers at Proofpoint have also highlighted that, although only Twitter users are being targeted at present, it is entirely plausible that the same approach could be used against other social media platforms with similarly complex account verification processes. As long as criminals can register a domain that appears realistic, the threat of such a scam succeeding remains high.
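The lookalike domain described above (“twitterhelp dot info”) and the closing point about realistic-looking domains both come down to the same defender’s check: does a host name contain the brand’s name while its registered domain is not one the brand actually owns? The following is an added example of that heuristic, written for this article and not code from Proofpoint or Twitter. The allow-list of legitimate Twitter domains, the brand keyword list, and the sample URLs are assumptions constructed for illustration; the registered-domain logic is deliberately naive (last two labels) and does not consult a public-suffix list.

```python
"""Brand-impersonation heuristic for domains seen in ads or messages.

Added example for the article above, not Proofpoint's or Twitter's code.
Assumed allow-list and keyword list below are illustrative.
"""
import re
from urllib.parse import urlparse

# Assumed allow-list of domains the brand legitimately uses (constructed).
LEGIT_DOMAINS = {"twitter.com", "t.co", "twimg.com"}
# Brand keywords whose presence in a non-allow-listed host is suspicious.
BRAND_KEYWORDS = ("twitter",)


def refang(indicator: str) -> str:
    """Turn defanged notation ("dot", "[.]", "hxxp") back into a normal URL/host."""
    text = indicator.strip()
    text = re.sub(r"\s+dot\s+", ".", text, flags=re.IGNORECASE)
    text = text.replace("[.]", ".").replace("(.)", ".")
    text = re.sub(r"^hxxp", "http", text, flags=re.IGNORECASE)
    return text


def registered_domain(host: str) -> str:
    """Naive eTLD+1: last two labels of the host (ignores public-suffix lists)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def classify_url(url: str) -> str:
    """Return 'legit', 'brand-lookalike', or 'other' for a URL or bare host."""
    parsed = urlparse(url if "://" in url else "http://" + url)
    host = (parsed.hostname or "").lower()
    if not host:
        return "other"
    if registered_domain(host) in LEGIT_DOMAINS:
        return "legit"
    # Brand name appears somewhere in the host (including subdomains such as
    # twitter.com.evil.example) but the registered domain is not brand-owned.
    if any(keyword in host for keyword in BRAND_KEYWORDS):
        return "brand-lookalike"
    return "other"


def triage(indicators):
    """Classify a batch of indicators, refanging each first; returns a dict."""
    return {ind: classify_url(refang(ind)) for ind in indicators}


if __name__ == "__main__":
    # Constructed sample batch; the first entry is the domain from the article.
    SAMPLES = [
        "twitterhelp dot info",
        "https://help.twitter.com/en/managing-your-account",
        "hxxp://twitter[.]com.login-example[.]net/verify",
        "https://example.org/",
    ]
    for indicator, verdict in triage(SAMPLES).items():
        print(f"{verdict:16} {indicator}")
```

The `brand-lookalike` verdict is a prompt for review, not proof of fraud; brand names do appear in legitimate third-party hosts, so in practice the allow-list is the part worth maintaining carefully, and a public-suffix library would replace the naive `registered_domain`.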