Nov 4 — As world’s highest net-worth individual and Tesla founder Elon Musk appointed himself to Twitter’s CEO role, he announced upcoming changes to the platform’s verification systems. The changes include an $8 monthly fee for account verification and ‘Twitter Blue,’ a digital verification symbol.
After the announcement, Twitter users started to receive related phishing emails. The emails attempted to deceive users into handing over account credentials. Emails sounded urgent in nature; in some cases asking users to sign-in to their Twitter account or risk suspension.
“Be wary – nothing has launched yet and we aren’t sending these notes,” says Yoel Roth, Twitter’s Head of Safety and Integrity.
Phishing email attempts
The links embedded within the phishing emails direct users to fake Twitter pages that harvest credentials. Google confirmed that it has taken down the domains that violate its policies, but problems may persist.
“Check the [email] sender carefully, and don’t provide your credentials or payment info,” said Roth.
Twitter’s new verification system
Twitter’s new verification system is intended to limit misinformation in that users will be able to see whether or not a tweet originates from a verified account or an unverified account. However, in practice, cyber criminals have managed to create accounts that look verified, and show the ‘blue tick’ symbol, but that are in-fact owned and operated with nefarious intent. Alternatively, cyber criminals could simply pay the $8.00 fee.
According to experts, Twitter may need to rethink its authenticity verification process for notable accounts (ex. those of world leaders), as a threat actor could simply pay to create a fake, similar looking account, and to have it verified.
In the absence of a streamlined verification process that clearly separates authentic high-profile accounts from those of imposters, some of Twitter’s existing verification issues are likely to continue…
More Twitter news
In recent weeks, Musk attempted to terminate his purchase agreement of the company before eventually relenting, as to allegedly avoid a high-profile court battle.
As the company’s new owner, Musk presently plans to reduce the company’s global workforce by 50% in order to increase the company’s profits. He is expected to fire 3,700 employees. Twitter is now being sued by former employees who say that they were not given adequate notice under federal and California state law regarding job cuts.
Musk’s actions also promise looser moderation on the platform – blurring the lines between true and false. Last weekend, Twitter reportedly restored the suspended account of Arizona Republican secretary of state candidate, Mark Finchem, who allegedly took steps to overturn the state’s vote for President Joe Biden in the 2020 election.
For more on Twitter’s verification and cyber security challenges, click here. Lastly, discover new trends, expert interviews, cyber intelligence analysis and so much more when you subscribe to the CyberTalk.org newsletter.