Beware of fake Twitter account verification emails
After Twitter's accouncement of their plan to charge $8 account verification, hackers started sending phishing emails to some twitter users.
Security reporter Zach Whittaker noted that some people have gotten phishing emails that request the receiver to click a link and provide information, so they don't lose the verification badge.
The badge, commonly known as the "blue check," is meant to let Twitter users know that an account is genuine. Through the verification process, the company ensures that a real person or organization owns the account.
Currently, Twitter has a verification system for celebrities and people of public interest to go through a process that confirms their identity. It also has a monthly subscription called Twitter Blue, which adds extra customization to the service.
Those emails are an example of a "phishing attack", when a malicious person sends an email, phone call, or text message claiming to be from a real institution, such as Twitter, to trick people into giving up their data.
For example, the hacker will create a website posing as a bank and craft an email to get the victim to log into the malicious website. Their username and password will be quickly stolen and used or sold by the hacker.
Some warning signs of a phishing email include typos and an email that doesn't match any official website. For example, the email address sent by the Twitter phisher used "email@example.com."
A company isn't going to send official emails from a Gmail address. Instead, they will be sent from "@twitter.com" or "@apple.com." Unfortunately, attackers have more tricks to fake these addresses.
The most important way to stay safe from a phishing attack is to not click on any links inside one of these emails. Instead, contact the official company through its website if it's an unexpected email, such as a Twitter phishing attack.
Whether emailing the company's official address or contacting customer support, they can tell their users whether or not they sent the email.