Security News > 2021 > December > As Twitter removes blue badges for many, phishing targets verified accounts
A new phishing campaign has been targeting verified Twitter accounts, as seen by BleepingComputer.
Verified accounts on Twitter refer to those possessing a blue badge with a checkmark.
The phishing campaign follows Twitter's recent removal of the checkmarks from a number of verified accounts, citing that these were ineligible for the legendary status, and were verified in error.
"As you know, a verified badge tells people that your account is notable and authentic. And being a part of this 'blue badge' Twitter community comes with responsibility. We hope you use it well. All accounts, including verified accounts, need to follow the Twitter Rules."
"To keep your verified status, please keep in mind that your Twitter account must always be complete. This means having either a verified email address or phone number, a profile image, and a display name. Any verified account in severe or repeated violation of our rules may lose their blue badge."
After gathering the user's Twitter username, password, and two-factor authentication code, the phishing page redirects the user to the Twitter homepage.