Criminals are targeting users on Twitter, claiming to offer verified account status but instead taking over their accounts. The attackers are placing legitimate ads targeting brand managers and influencers with a link to a phishing site seeming to offer account verification.
Usually, account verification on social networks such as Twitter, involves multiple verification steps for "accounts of public interest".
The ads themselves come from an account that mimics the official Twitter support account, @support. The fraudulent account, “@SupportForAll6”, uses Twitter branding, logos, colors, etc, to give a sense of genuineness.
A key element of this scam is the use of Twitter-native ads, which appear in user feeds without any interaction. After clicking the link, users are directed to a domain named “twitterhelp[.]info”.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street