People receiving phishing emails for Twitter verification | Digit
San Francisco, Nov 1 (IANS) As microblogging site Twitter plans to charge for account verification, some people have started receiving phishing emails to steal the passwords of unwitting users.
According to TechCrunch, the phishing email campaign asks Twitter users to enter their usernames and passwords on an attacker’s website masked as a Twitter help form.
The email was sent from a Gmail account to several people that were linked to a Google Doc with another link to a Google Site, which lets users host web content.
This could make Google’s automatic scanning tools more difficult to detect abuse by creating several layers of obfuscation.
The page itself contained an embedded frame from another site hosted on the Russian web host Beget that asked for the user’s Twitter handle, password, and phone number which was enough to compromise accounts that do not use stronger two-factor authentication, according to the report.
Meanwhile, TechCrunch alerted Google about the phishing site and it was taken down shortly afterwards.
“Confirming we have taken down the links and accounts in question for violations of our programme policies,” a Google spokesperson was quoted as saying.
Currently, Twitter has a verification process that requires celebrities and other people of interest to confirm their identities.
Additionally, it offers Twitter Blue, a monthly subscription that allows for more service customisation.
(Except for the headline and cover image, the rest of this IANS article is un-edited)
For more technology news, product reviews, sci-tech features and updates, keep reading Digit.in.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.