Users on Twitter are receiving messages purporting to be from “Twitter Support” urging them to act quickly to avoid being suspended, sometimes even from accounts with a blue tick. It’s almost certainly a scam – here’s what to look out for, and what it would actually look like if Twitter really needed to contact you.
First, as a general rule: any message from someone you don’t know, on whatever platform you use, should be viewed with suspicion. Don’t follow any links or instructions, and if you’re at all unsure, take a screenshot and send it to a friend for help!
Let’s move on to today’s problem: DM spam.
This type of trick goes by different names depending on what the scammers are after. It could be phishing, where they are trying to trick you into revealing personal or financial information. But it could also be a more sophisticated, long-term plan to gain access to high-profile accounts.
It works like this: first the scammers send out a little spray-and-pray messaging, so that a few people fall for one of the many ways of harvesting their credentials, be it social engineering (“Please verify your current password”), a fake app (“Please update Tw1tter”) or some more serious device-level takeover. This gives the scammers control over the accounts of several real people.
From these accounts they keep spamming DMs, borrowing the legitimacy of real users to mask their activity. That yields still more accounts, and with a bit of luck they move up to higher-profile targets, like a verified account that is followed by a compromised user and has DMs open.
Once they get hold of a blue-check account, they can rename it to something like “Urgent Support” and start sending legitimate-looking alerts to the thousands of followers such an account would surely have.
Here’s how to spot a scam and protect yourself. One message a TechCrunch reporter received today from a verified account was as follows:
Twitter support | Violation
Recently, we have detected many suspicious login attempts to your account.
We care about the security of verified accounts.
Your account will be blocked within 24-48 hours for security reasons. If you do not, you must submit an appeal form to us so that your account is not suspended so that we can review it.
[link to innocuous looking non-Twitter domain]
In any case, we will contact you again through this channel.
Thanks for understanding,
Help Twitter account.
Many people will see a verified account and some boilerplate warning text, and simply follow the link. How would they know what a real Twitter suspension warning looks like? They are not internet sleuths, and frankly they don’t have to be to secure their account, but that’s the reality of social media today.
Luckily, these scams are easy to recognize, and you can protect yourself by following the steps below.
How to recognize a fraudulent DM
First, there are a couple of red flags with the message itself.
- Twitter will never contact you via DM about account issues. This type of communication is done through the email address associated with the account. Think about it: if Twitter suspects a scammer may have taken over your account, would it DM that very account? No – it has a secure line to you, the email address on file, which only it knows. “If we contact you, we will never ask for your password and our emails will only be sent from https://twitter.com/ / https://e.twitter.com,” a Twitter spokesperson said. If you receive a text message from Twitter, it will come from the short code 40404.
- The sender is not Twitter. Again, Twitter wouldn’t use this channel to begin with, but the message doesn’t even come from a Twitter account. If you look at the sender’s profile, you will find it is just some random person, or an “egg”, as we used to call them.
- The link leads somewhere you’ve never heard of. Of course, a link doesn’t have to be something as blatant as scam-links.xxx to be suspicious! Links in any message, DM, email or even on the web can be, and often are, crafted to mislead: a link that reads twitter.com can actually go to google.com, for example. Only follow links in messages or emails that you are sure are authentic – if you are not sure, don’t!
- The language is off. Not everyone will notice this, but on careful reading it becomes clear that the message was probably not written by a native English speaker – and Twitter’s own messages in English are written in clear, unmistakable language. The same goes for other languages: if something reads strangely, even if you are not sure why, that should set off alarm bells!
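Two of the red flags above (the sender domain and the deceptive link) can be turned into concrete checks. The following is an added example, not code from the original article or from Twitter: it uses the two sender domains the spokesperson quotes as an exact-match allowlist, and compares the host a link displays with the host it actually points to, the way a browser would resolve it. The sample addresses and links in the tests are constructed.

```javascript
// Domains the article quotes Twitter as sending from. Exact-match allowlist:
// lookalikes such as "twitter.com.example" or "e-twitter.com" must not pass.
const ALLOWED_SENDER_DOMAINS = new Set(["twitter.com", "e.twitter.com"]);

// True only if the address has exactly one "@", a non-empty local part,
// and a domain (lower-cased) that is on the allowlist.
function isAllowedSender(email) {
  const parts = String(email).trim().split("@");
  if (parts.length !== 2 || parts[0].length === 0) return false;
  return ALLOWED_SENDER_DOMAINS.has(parts[1].toLowerCase());
}

// Host of a URL as the WHATWG URL parser sees it, or null if it does not parse.
// Using the real parser matters: "https://twitter.com@google.com" has the
// host google.com ("twitter.com" is the userinfo), which is how a browser reads it.
function hostOf(urlText) {
  try {
    return new URL(urlText).hostname.toLowerCase();
  } catch (e) {
    return null;
  }
}

// Compares the host named in a link's visible text with the host of its href.
// This is the "reads twitter.com but goes to google.com" case. Display text that
// is not URL-like (e.g. "click here") cannot be checked this way and is reported as such.
function linkMismatch(displayText, href) {
  const target = hostOf(href);
  if (target === null) return { mismatch: true, reason: "href does not parse" };

  const hasScheme = /^[a-z][a-z0-9+.-]*:\/\//i.test(displayText);
  const shown = hostOf(hasScheme ? displayText : "https://" + displayText);
  if (shown === null || !/^[a-z0-9.-]+\.[a-z]{2,}$/i.test(shown)) {
    return { mismatch: false, reason: "display text is not a hostname" };
  }
  return shown === target
    ? { mismatch: false, reason: "hosts match" }
    : { mismatch: true, reason: `shows ${shown} but goes to ${target}` };
}

module.exports = { isAllowedSender, hostOf, linkMismatch };
```

The allowlist is deliberately exact: subdomain or prefix matching would let `twitter.com.example` or `e-twitter.com` through, which is precisely the kind of lookalike a phisher registers. The link check only tells you when a link is lying about itself; a link with honest text that points at an unfamiliar domain still deserves the article's advice: don't click unless you are sure.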
So what do you do if you receive a message that looks like a scam? The safest thing is to ignore it and delete it. If you want, you can also report it to Twitter using the instructions here.
Protect yourself with two-factor security
The best thing you can do to protect yourself from scams like this is to enable two-factor authentication, sometimes called 2FA or MFA (multi-factor authentication). We have a whole guide for that here:
You will find 2FA in your Twitter security settings, as well as in the security settings of many of your other online apps and services. What two-factor authentication does is verify that it is really you by checking directly with a secure “authenticator” app, which asks something like “Are you trying to sign in to Twitter?” If you see this prompt and you are not signing in to Twitter, something is wrong!
When it really is you signing in, it will ask you to enter a number generated by an authenticator app that only you can see, or sometimes sent by text message (although that method is being phased out). These numbers should only ever be entered at the login screen and should never be shared with anyone.
If you have two-factor authentication enabled, then even if you accidentally hand your login details to a scammer, when they try to log in the service will check with you first. This is an incredibly useful safeguard in today’s dangerous cybersecurity environment!
That’s it – now you and everyone you want to tell won’t be scammed on Twitter this way. If you want to further improve your cybersecurity level, check out our Cybersecurity 101 series.
Credit: techcrunch.com