Two new messages are circulating asking verified users to click on links to keep their blue tick.
These scams have emerged as Twitter prepares to wind down its 'legacy' verified program and replace it with a subscription model.
Read on to find out what’s changing with Twitter and how to spot, avoid and report impersonation scams.
Outsmart the scammersWhat’s happening at Twitter?
When you visit Twitter, you'll notice that some users have blue ticks next to their name.
These accounts have been 'verified' by Twitter as belonging to people in the public domain, from popstars to authors.
From 1st April, Twitter will start removing blue ticks from individual accounts unless the user has subscribed to Twitter Blue.
This subscription service requires users to pay monthly for access to blue ticks and other features such as the ability to edit tweets.
Fake Twitter emails
Scammers are looking to profit from the constant changes taking place at Twitter.
One dodgy email reads: 'Don't lose your verified status', and prompts the recipient to click on a link.
A second email asks recipients to read Twitter’s updated verification policy and make ‘any necessary changes’ by a specific date.
Both messages include convincing branding and text, but they come from non-Twitter email addresses. Twitter will only send you emails from addresses ending in @twitter.com or @e.twitter.com.
If you click on the links in these emails, you'll be taken to a convincing-looking website with a non-Twitter URL which asks you to log into your account. If you enter your details, you'll be handing them to the scammer.
How to avoid and report email scams
It’s important to remember that organisations will only ever contact you from an official email address - which typically include the company's name.
Always check the sender's address before clicking on links in emails. If you receive a message you're unsure about, don't click the link. Instead, navigate to Twitter and log into your account to check if you need to take any action.
To report scam emails, forward them to report@phishing.gov.uk, before blocking and deleting the message. You can also select ‘Report Spam’ on Gmail, ‘Report phishing’ on Hotmail or forward emails to abuse@yahoo.com from a Yahoo account.
source https://www.which.co.uk/news/article/twitter-impersonation-scam-beware-of-dodgy-verification-emails-a639q1v5PxvT