Phishing on a Digital Binary Warning Abstract

More phishy sponsored tweets

Another day, another couple of rogue sponsored tweets [1], [2] which lead to phishing.

The account pushing the first phish has now been deleted, but it’s trivial to set up another one – and the phishing URL itself is still active, ready to be redeployed at a moment’s notice.

Shall we take a look?

The site is located at


and – like the older versions of this scam – is all about getting yourself verified.

Phishy tweet

The site kicks things off by asking for username, email address, account type, phone number, year of account creation, and (finally) associated password. It’s not long before they’re sniffing around your wallet, too…

Got payment?

If we had to guess, phished Twitter feeds go into the pool of newly renamed “Twitter help / support / verification” accounts used in sponsored adverts.

Elsewhere, we have another one which follows the same pattern as above.

We strongly advise all users of Twitter to be on their guard – just because a tweet is sponsored, doesn’t mean the content it leads to is legitimate. Be on your guard and don’t hand over login details, payment credentials, or anything else to sites claiming they can get you verified.


Christopher Boyd


Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.