Security News > 2022 > July > Verified Twitter accounts hacked to send fake suspension notices
Threat actors are hacking verified Twitter accounts to send fake but well-written suspension messages that attempt to steal other verified users' credentials.
Twitter verifies accounts if they are considered notable influencers, celebrities, politicians, journalists, activists, and government and private organizations.
To receive the verified 'blue badge,' Twitter users must apply for verification and submit supporting documentation to show why their account is 'notable.
This website first asked for a Twitter user name, and when we entered our test account, it used the Twitter APIs on the backend to retrieve my test account's photo, as shown below.
Once again, fake email addresses were rejected, indicating that the phishing site is using Twitter APIs to check for valid account information.
These scams are not only being sent to verified users but they are being sent by verified users whose accounts were hacked, likely through similar phishing scams.