Twitter users have been receiving direct messages purporting to come from “Twitter Support” and urging them to act quickly to avoid suspension, often from accounts with blue checks. These are almost certainly scams. Here is what to look out for, and what it would look like if Twitter really did need to reach you.
First, a general rule: any message from anyone you don’t know should be treated with suspicion, on every platform you use. Don’t follow its links or instructions. If you’re not sure, take a screenshot and send it to a friend for help.
Now to today’s question: DM spam.
This type of trick goes by different names depending on the scammer’s goal. It may be straightforward phishing, aimed at getting you to reveal personal or financial information. Or it may be a more elaborate, longer-term plan to gain access to well-known accounts.
Here’s how that works. First the scammers send a spray of messages and get some recipients to click through to one of the many ways of harvesting their credentials: social engineering (“Please verify your current password”), a fake app (“Please update Tw1tter”) or, more seriously, a device-level takeover. This gives them control of a small number of real people’s accounts.
From those accounts they send more spam DMs, trading on the legitimacy of the real account to disguise what they are doing. That yields more accounts, and with luck they move up to higher-profile ones, such as verified accounts that many users follow and that keep their DMs open.
Once they take over a blue-check account, they may rename it to something like “Emergency Support” and start sending legitimate-looking warnings to the thousands of followers that account will have.
Here’s how to spot the scam and protect yourself. A message received today by a TechCrunch reporter from a verified account reads:
Twitter Support | Breach
We have recently detected a number of suspicious login attempts on your account.
We care about the security of verified accounts.
For security reasons, your account will be suspended within 24-48 hours. If you don’t, you must submit an appeal form to us so that your account is not suspended and we can review it.
[link to innocuous looking non-Twitter domain]
In any case, we will contact you again through this channel.
Thanks for your understanding,
Twitter Help Account.
Plenty of people will see the verified badge and some boilerplate-looking warning text and click the link. How are they supposed to know what a real Twitter suspension warning looks like? They aren’t internet detectives, and frankly they shouldn’t have to be to keep their accounts safe, but that’s the reality of today’s social media.
Fortunately, these scams are easy to spot, and you can protect yourself by following these steps.
How to spot scam DMs
First, the message itself has several red flags.
- Twitter will never contact you by DM to resolve account issues. That kind of communication goes to the email address associated with the account. Think about it: if Twitter suspected a scammer had taken over your account, would it DM that account? No. It has a channel to your email address that doesn’t run through the compromised account. “If we contact you, we will never ask for your password and our emails will only be sent from https://twitter.com/ / https://e.twitter.com,” a Twitter representative said. If you get a text message, it will come from 40404.
- The sender isn’t Twitter. Again, Twitter wouldn’t use this channel in the first place, but the message didn’t even come from a Twitter account. Look at the sender’s profile and you’ll see it’s just some random person, or an “egg”, as we used to call them.
- The link goes somewhere you’ve never heard of. Of course, a link doesn’t have to point at scam-links.xxx to be suspicious. A link in any message, DM or email, or even on a web page, can be and often is designed to mislead: the text can say one thing and the destination can be another. This link to twitter, for example, actually went to Google. Only follow links in messages or emails you know are genuine, and if you’re not sure, don’t.
- The language is a little off. Not everyone will notice, but on a careful reading it becomes clear that the writer may not be a native English speaker, and Twitter’s English communications will certainly use clear, error-free language. The same goes for other languages: if something reads oddly, even if you can’t say why, treat it as a warning sign.
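The link and sender checks above can be applied mechanically. The following is an added example written for this article, not Twitter’s code: a small scanner that flags a DM for a “support” claim, pressure language, links that leave Twitter’s domains, link text that names a different host than the real destination, and the userinfo trick (`https://twitter.com@evil.example/`), which makes a URL look like it points at twitter.com when the browser actually connects to the host after the `@`. It assumes links arrive as (display text, destination) pairs, as they would after extracting the anchors from a rendered message; the allowlist is the two domains the Twitter representative named, and the sample DM and its domains are constructed, modelled on the message quoted above.

```python
# Added example for this article, not Twitter's code. Assumptions: links come as
# (display text, destination) pairs; the allowlist is the pair of domains named by
# the Twitter representative; the sample DM below is constructed from the quoted one.
import re
from typing import List, Optional, Tuple
from urllib.parse import urlsplit

TWITTER_DOMAINS = ("twitter.com", "e.twitter.com")

# Pressure phrases lifted from the quoted message (constructed list, not exhaustive).
URGENCY = ("suspended", "within 24", "appeal form", "verify your", "password")

_SCHEME = re.compile(r"^[a-zA-Z][a-zA-Z0-9+.-]*://")
_LOOKS_LIKE_HOST = re.compile(r"\b[\w-]+\.[a-z]{2,}\b", re.I)


def hostname(url: str) -> Optional[str]:
    """Host a browser would really connect to. urlsplit().hostname lowercases,
    strips the port and drops userinfo, so 'https://twitter.com@evil.example/'
    resolves to 'evil.example', which is exactly what the disguise relies on."""
    if not _SCHEME.match(url):
        url = "https://" + url  # bare 'twitter.com/help' as it appears in link text
    return urlsplit(url).hostname


def is_twitter_host(host: Optional[str]) -> bool:
    """Exact or subdomain match. The leading dot in the suffix check rejects
    both 'twitter.com.evil.example' and 'nottwitter.com'."""
    if not host:
        return False
    return any(host == d or host.endswith("." + d) for d in TWITTER_DOMAINS)


def check_link(display: str, href: str) -> List[str]:
    """Red flags for one link: odd scheme, userinfo disguise, non-Twitter
    destination, or link text naming a different host than the destination."""
    flags = []
    parts = urlsplit(href)
    target = parts.hostname
    if parts.scheme not in ("http", "https"):
        flags.append(f"unexpected scheme {parts.scheme!r}")
    if "@" in parts.netloc:
        flags.append(f"userinfo before '@' hides the real host {target!r}")
    if not is_twitter_host(target):
        flags.append(f"destination {target!r} is not a Twitter domain")
    if _LOOKS_LIKE_HOST.search(display):
        shown = hostname(display.strip())
        if shown and shown != target:
            flags.append(f"link text shows {shown!r} but it goes to {target!r}")
    return flags


def scan_message(sender: str, text: str, links: List[Tuple[str, str]]) -> List[str]:
    """All red flags for a DM. A 'support' claim is itself a flag, because
    Twitter does not handle account issues over DM at all."""
    flags = []
    if re.search(r"twitter\s*(support|help)", sender + " " + text, re.I):
        flags.append("claims to be Twitter support, which never contacts users by DM")
    low = text.lower()
    hits = [p for p in URGENCY if p in low]
    if hits:
        flags.append("pressure language: " + ", ".join(hits))
    for display, href in links:
        for f in check_link(display, href):
            flags.append(f"{href}: {f}")
    return flags


# Constructed sample, modelled on the DM quoted above; the domains are placeholders.
SAMPLE_SENDER = "@verified_but_hijacked"
SAMPLE_TEXT = (
    "Twitter Support | Breach\n"
    "We have recently detected a number of suspicious login attempts on your account.\n"
    "For security reasons, your account will be suspended within 24-48 hours. "
    "You must submit an appeal form so that your account is not suspended."
)
SAMPLE_LINKS = [
    ("twitter.com/appeal", "https://account-appeal.example/form"),
    ("Verify here", "https://twitter.com@verify-login.example/"),
]

if __name__ == "__main__":
    for flag in scan_message(SAMPLE_SENDER, SAMPLE_TEXT, SAMPLE_LINKS):
        print("-", flag)
```

Run as-is it lists six flags for the constructed sample. The important design point is in `hostname`: never compare the string the user sees, compare the host the URL parser extracts, because that is the one the browser will contact.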
So what should you do if you get a message that looks like a scam? The safest course is to ignore and delete it. If you like, you can also report it to Twitter using the instructions here.
Protect yourself with two-factor authentication
The best thing you can do to stop scams like this from succeeding is to turn on two-factor authentication, sometimes called 2FA or MFA (multi-factor authentication). We have a complete guide here:
2FA lives in your Twitter security settings, and in the security settings of many other online apps and services. At its simplest, two-factor authentication checks directly with you, through an “authenticator” app, asking “Are you trying to log in to Twitter?” If you see that prompt and you aren’t trying to log in, something is wrong!
When you do want to log in, it asks for a number generated by an authenticator app that only you can see, or sometimes sent by text message (though that method is being phased out). Those numbers should only ever be entered on the login screen; never give one to anyone, whatever the reason you are given.
With 2FA enabled, even if you accidentally hand a scammer your password, the service will still check with you when they try to log in. In today’s threat environment that is a very worthwhile thing to have.
That’s it. Now you, and anyone you pass this along to, won’t be caught out by this scam on Twitter. If you want to take your security further, check out our Cybersecurity 101 series.