Twitter Scammers Target Children’s Musician

A phishing page appears next to a beluga whale in an underwater scene. A "scam alert!" sign is overhead.
Made by Safe, Not Scammed in Canva.

Yesterday beloved children’s musician Raffi Cavoukian, best known for his song “Baby Beluga,” received an intimidating direct message (DM) from a verified Twitter account.

The message claimed, “Your Twitter account verification badge will be permanently suspended because your account uses images that violate our copyrights.” It also included a link to an appeal form, should Raffi disagree with the decision to suspend his blue badge.

The message was not from a Twitter employee, however, but from a scammer using a hacked verified account. The link to the appeal form led to a phishing website, asking visitors to “confirm that you are the owner of the account” by supplying their Twitter credentials.

Twitter Support
Please confirm that you are the owner of the account.
Username:
Current Password:
Continue
The phishing page scammers tried to use to steal Raffi’s Twitter account. Screenshot from URLScan.io.

Raffi thought the DM was legitimate and tweeted to complain that his account was being threatened. And it was a good thing he did! His followers sprung into action to warn him the DM was a phishing attempt. They also drew attention to several red flags about the message to help Raffi avoid similar scams in the future.

Raffi Cavoukian

is @Twitter trying to silence me? 2nd time in 3 days I get notice of impending suspension of my account. "images that violate" -- no examples cited. none. what's going on here?! @TwitterCanada @AsamiTerajima
Raffi’s tweet that prompted his fans to rush to save him from the scam. Source: Twitter.

Multiple tweeters pointed out that the domain in the DM was not the official Twitter domain, but security-twitter[.]com, an instant red-flag something nefarious was going on. Another noted the domain was registered just 12 days ago, on March 8th of this year, which is again highly suspicious. Others explained Twitter would not use a personal account to send official communications via DM.

Fortunately, Raffi’s fans were successful in their efforts to thwart the scammers that targeted him. His account does not currently appear to be hijacked, and he indicated he would change his password, just to be safe.

Leave a Comment

Your email address will not be published. Required fields are marked *