Yesterday beloved children’s musician Raffi Cavoukian, best known for his song “Baby Beluga,” received an intimidating direct message (DM) from a verified Twitter account.
The message claimed, “Your Twitter account verification badge will be permanently suspended because your account uses images that violate our copyrights.” It also included a link to an appeal form, should Raffi disagree with the decision to suspend his blue badge.
The message was not from a Twitter employee, however, but from a scammer using a hacked verified account. The link to the appeal form led to a phishing website, asking visitors to “confirm that you are the owner of the account” by supplying their Twitter credentials.
Raffi thought the DM was legitimate and tweeted to complain that his account was being threatened. And it was a good thing he did! His followers sprung into action to warn him the DM was a phishing attempt. They also drew attention to several red flags about the message to help Raffi avoid similar scams in the future.
Multiple tweeters pointed out that the domain in the DM was not the official Twitter domain, but security-twitter[.]com, an instant red-flag something nefarious was going on. Another noted the domain was registered just 12 days ago, on March 8th of this year, which is again highly suspicious. Others explained Twitter would not use a personal account to send official communications via DM.
Fortunately, Raffi’s fans were successful in their efforts to thwart the scammers that targeted him. His account does not currently appear to be hijacked, and he indicated he would change his password, just to be safe.