One ever-so-helpful site promised to help users get Twitter verification—as soon as they phished out customers’ payment information.

“Jesus Christ, Twitter is promoting a phishing site that claims to offer  verification and asks for your  password, phone number, and credit card information,” Mike Wehner, trending news editor from BGR, tweeted Sunday, along with a selection of screenshots of the offending site.

Customers have long been able to  pay Twitter to promote certain posts, and increase how many people see them. Marketers typically use the feature to boost their advertisements, giving them a further reach.

Judging by Wehner’s screenshots, the phishing site first presented a convincing looking, but fake, Twitter page that explained the merits of having an account verified—or certified as genuine by Twitter’s internal apparatus.

“Being verified is more than a cool badge on your profile, it signifies authenticity and ensures the community that you are an official account,” the page reads.

After providing some basic information, the site then asks for a user’s credit-card number, expiration date, security code, and billing address—likely enough information for a cybercriminal to then use those payment details elsewhere.

 The site now appears to be inactive, only showing a default web server screen, and without any of the phishing content itself.