Research by Proofpoint has identified a phishing attack on twitter targeting brand managers and influencers. The attack is carried out by means of a legitimate twitter ad offering account verification.
The ads are from @SupportForAll6 account and uses twitter branding, logos and colours making it look authentic. Users who follow the link are directed to a domain twitterhelp[.]info where users are required to provide their twitter username, email address, phone number and account password in a form. In the next step, the user is asked to provide a credit card number and security code for “verification purposes”
User education and technical processes like ad blocking are a must in the fight against phishing and other cyber attacks.