Crooks ask for payment details in return for a blue tick.
Twitter users have been warned of a Promoted Tweet appearing in feeds that offers to help them get their account verified, but is actually a phishing scam hiding in plain sight.
The message, which could appear in users’ feeds regardless of who they follow, contains a link to a site that requests account information and, more worryingly, payment details, in return for helping to place a blue tick on user profiles.
However, as security firm Malwarebytes noted, the entire set-up is a ruse which has so far ensnared almost 1,000 people.
“Over three days, the Promoted Tweet was clicked by 812 people, 97.4 per cent of them hitting the link via Twitter’s t.co redirect (in other words, directly from the sponsored tweet). 644 visitors arrived via iPhone, and 534 hits came from the US,” the firm said.
The scam was first reported by web developer Izzy Galvez, who flagged it to Twitter via the firm’s @support handle.
— Izzy Galvez (@iglvzx) October 28, 2016
It is unclear whether Twitter has reacted to the news, although a search for the Twitter handle of the account promoting the phishing page no longer returns any results.
Christopher Boyd, a malware intelligence analyst at Malwarebytes, explained that the hijacking of Promoted Tweets to dupe users into handing over personal information should remind people never to give out sensitive data unless they are confident about who is receiving it.
“Whether links you see on Twitter are served by friends, strangers or even sponsored content placed there via Twitter itself, never take them for granted. The moment you see a site asking for log-in credentials and/or payment information, think very carefully about your next move,” he said.