If you have a verified Twitter account (with a blue badge), please be careful — you’re a potential target in this latest phishing scam!
How Twitter Blue Badge Phishing Scams Work
Many verified Twitter account holders have reported receiving messages from “Blue Badge Support” (or sometimes from other verified accounts). These messages claim that their account will be deleted because they’ve been “reviewed as spam” or they’re accused of “copyright infringement”. Here are some examples:
Via Direct Message
Twitter Blue Badge Support
Hello, Twitter User! Your blue badge Twitter account has been reviewed as spam by our Twitter team. We understand how valuable the blue badge is to you. Please appeal using the form below, otherwise your blue badge may be deleted. notification-channel[.]com/twitter-verifi… Thanks Twitter Team
Hi Dear User,
Copyright infringement was detected in one of the tweets on your account. If you think copyright infringement is wrong, you need to provide feedback. Otherwise, your account will be closed within 48 hours. You can gice feedback at the link below. Thank you for your understanding.
Via Email
Hi! You’ve got 1 notifications from Twitter Verified
Remember, receiving a notification from Twitter Verified means that there is a problem with your verified account. (blue badge) Check notifications NOTE! Ignoring these messages from Twitter Verified can lead to the suspension of your account.
These Messages Are Scams
These messages and emails are NOT legitimate. The scammers’ goal is to steal your account credentials.
They lie to you, saying that your account will be deleted if you don’t take action immediately. They prompt you to click on the attached links to submit feedback or file a report. Don’t fall for it!
If you do as instructed and click on a malicious link, you will be taken to a fake Twitter log-in page that is designed to steal your account information:
Here, scammers can record your password and use it to gain access to your Twitter account. They can then spread scams and malware to other Twitter users under your name (using your verified account!).
We’ve reported on similar phishing scams on other social media platforms like Facebook and Instagram before. Visit the links to learn more.
How to Protect Yourself
- Know that Twitter will never ask you for your log-in credentials via direct message.
- Reach out directly to Twitter Support for help if you think there are issues with your account.
- Verify that links are safe before clicking on them. Does the URL look suspicious?
- Be extra cautious of links or buttons in direct messages or emails — even if they were sent by verified accounts.
- Use Trend Micro ScamCheck to detect scams with ease: Trend Micro ScamCheck is an all-in-one browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links — and it’s FREE!
After you’ve pinned the ScamCheck extension, it will block dangerous sites automatically! (Available on Safari, Google Chrome, and Microsoft Edge).
You can also download the ScamCheck mobile app for 24/7 automatic scam and spam detection and filtering. (Available for Android and iOS).
Check out this page for more information on ScamCheck.
As ever, if you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected.