Twitter is one of the most popular social networks in the world. Not surprisingly, it’s also a haven for cybercriminals and scammers of all kinds.
To successfully defend yourself against common Twitter scams, you must first understand what they are, how they work, and why they are dangerous.
1. Phishing scams
No social media platform is immune to phishing, a type of cyber attack in which a threat actor pretends to be someone or something they are not. With Twitter, a scammer has almost unlimited options to phish users. For example, they can engage in email phishing, which is an attack that involves sending fraudulent messages to trick the target into entering their credentials.
Here’s one example: in November 2022, shortly after taking control of Twitter, billionaire Elon Musk launched Twitter Blue, a paid monthly subscription that adds a blue checkmark to a user’s account. As Bleeping Computer reported, scammers quickly took notice of this initiative and launched an elaborate phishing attack aimed at stealing the usernames and passwords of users who want to verify their accounts.
Similar phishing campaigns have plagued Twitter since its inception, with cybercriminals coming up with increasingly inventive ways to obtain user credentials. That won’t change regardless of who’s at the helm of Twitter, so the best thing you can do as a user is to set up two-factor authentication and carefully verify every email that claims to be from the social network.
2. Hacked account scams
Twitter’s blue tick has long been a badge of honor bestowed only on the most prominent individuals, such as celebrities, politicians and influencers. On the other hand, the social proof that comes with a blue check has always been sought after by cybercriminals. And to get one, they often hacked verified accounts.
For example, in 2020, using a fairly simple social engineering technique, a 17-year-old boy hacked the Twitter accounts belonging to Microsoft co-founder Bill Gates and then-presidential candidate Joe Biden. According to The Guardian, the teenager was later sentenced to three years in prison, but what he did shows just how easy it is for cybercriminals to hack Twitter accounts, including verified ones.
The teenage boy hacked Biden and Gates’ accounts to ask for a Bitcoin payment, and it’s safe to assume that a lot of people fell for his scam. But this wasn’t an isolated case: breaches happen far too often, and it’s usually ordinary users who pay the price. That’s why it’s important to remember that you should never blindly trust a Twitter account. Even if it looks like your favorite celebrity is actually tweeting, make sure you double-check that their message is legit before you do anything.
3. Verification scams
Because everyone wants a blue tick, cybercriminals are coming up with increasingly creative ways to scam people. Whether you use Twitter, Instagram or Facebook, someone has probably sent you a message claiming that they can verify your account in no time.
In reality, there are only two ways you can have a verified Twitter account. One is a holdover from the previous method, i.e. submitting an official verification request via the platform. To get the blue badge, you had to meet several criteria; above all, you had to prove that you were a “notable” individual who works in the media, politics and so on. That method no longer works, but those who had a verified account in the past may still enjoy the blue checkmark icon.
Now, if you still want a blue tick, you can join Twitter Blue – there’s no other way to receive that little tick.
And if you come across a scammer offering to verify your account, be sure to report it to Twitter. To do this, visit Twitter’s Help Center and fill out the appropriate form.
4. Crypto scams
Scams are all too common in the crypto space, and many are carried out via Twitter. If you follow cryptocurrency-related accounts, or if you post about crypto from time to time, you’ve most likely come across one.
There are different types of Twitter crypto scams, some obvious and others quite complex. One thing scammers do is impersonate a prominent digital currency influencer or analyst, then post misleading tweets, or even reach out to targets via direct message. Their tweets can range from promoting useless cryptocurrencies that are guaranteed to lose value, to pushing fake airdrops and shady services.
Fake crypto gifts are another scammer favorite. This type of hoax revolves around convincing the target that they will receive a large reward as long as they deposit a small amount of cryptocurrency to cover a “fee” or something similar. Of course, if you make the mistake of depositing the money, the scammer will just take your funds and move on to the next victim.
To stay safe from crypto-related scams on Twitter, be sure to carefully research any information about a particular asset, and only trade on safe cryptocurrency exchanges.
5. Bot scams
As you may already know, social networks are full of bots, or computer programs that simulate human behavior. Twitter is no exception. In fact, a 2022 study by web analytics company Similarweb found that five percent of Twitter users are bots, and determined that they create between 21 and 29 percent of the content on the network.
Bots are not inherently malicious, but scammers often use them to spread false and misleading information, trick targets into clicking malicious links, deploy malware, or otherwise harm the user in some way. On Twitter, bots sometimes operate as a network, retweeting and liking posts to reach a larger audience.
Some Twitter bots are hard to spot and look like regular accounts at first glance, so you should always carefully inspect any account that looks suspicious, especially if it sends links in replies to other tweets or sends direct messages. If you suspect an account interacting with you is a malicious bot, block or mute it and then report it to Twitter.
Protect your Twitter account
Twitter can be a great source of information and entertainment, but it’s far from perfect when it comes to privacy and security.
With that said, there are things you can do to protect your account. This includes using a strong password, setting up two-factor authentication, managing third-party app permissions, and more.