On Monday, it was reported that Twitter under Elon Musk’s ownership was “strongly considering” charging verified users (you know, the ones with the blue ticks) up to USD19.99 (RM94.70) for a Twitter Blue subscription to keep their status. That’s a controversial move in its own right—fighting disinformation on the platform is hard enough when it isn’t booting off reporters and activists who can’t afford to pay that much—but already it’s being turned into a cybersecurity fiasco, too.
That’s because opportunistic scammers are trying to fleece even more money out of unsuspecting individuals by pretending to be Twitter. They’ve sent phishing emails telling users they would have to pay the fee to retain their verified status. Included is a link to a website disguised as a Twitter help form, designed to steal login information.
The emails, crudely written probably to quickly take advantage of the chaos, were sent through a Gmail account, linking to a Google Doc that in itself links to a Google-hosted website. The creation of this many layers likely helped in bypassing Google’s own automatic scanning tools. The website also contains an embedded frame hosted on Russian web host Beget, asking for the user’s email address, password and phone number.
The news site that reported the scam, TechCrunch, notified Google and Beget, which promptly took down the links, accounts and websites used. A Google spokesperson told the publication: “Confirming we have taken down the links and accounts in question for violations of our program policies.”
Elon Musk has since walked back on the plan after the backlash, proposing a USD8 (RM37.90) monthly fee for Twitter Blue instead. The magnate appears to have responded to renown horror author Stephen King, who bluntly tweeted: “F**k that, they should pay me.”
[ SOURCE ]