U.S. Rep. Paul Broun’s GOP primary challenger Stephen Simpson fell victim on Friday to a common Twitter phishing scheme in which users are duped into sharing platform credentials.

After receiving a seemingly-personal note in which a masked link is provided, unassuming users are prompted to provide their username and password on an interface that mirrors Twitter’s web client because their “session has expired.”

The Tipsheet (@GeorgiaTipsheet) received an in-service message on Friday indicating Team Simpson had joined the legion of hoodwinked tweeters, though it’s unlikely the candidate himself fell for the scam, as his presence on the micro-blogging network relays campaign events in a third-person narrative.

But at least he’s in good company: Simpson’s campaign alerted one follower just last month that they had been deceived by one such scam.

Even as Simpson’s Twitter travails have fizzled, his stump stingers are passing muster with the truthiness arbiters at the Atlanta Journal-Constitution’s Politifact.

The fact-checking outfit rated as mostly true Simpson’s claim that “nothing [Rep. Broun] has introduced has ever passed.”

– James Richardson