How scammers managed to “steal” Twitter’s blue verification tick
Twitter crooks appear to have worked out a way to get Twitter’s coveted blue “verification tick” attached to their scammy tweets.
Scammers often attempt to masquerade as celebrities on Twitter. All the spammer needs to do is create a new Twitter account and copy whatever profile picture that celebrity is using along with their name. And voila – imposter Twitter account, ready to trick unsuspecting social media users.
However, the problem for scammers and their imposter accounts – other than having a different Twitter username to the celebrity – is the lack of a blue verification tick that Twitter gives to high profile figures and organisations to show they’re the official accounts.
Anti-scam websites such as ourselves will always tell our readers to lookout for that blue verification tick before trusting a tweet or comment. Seen a controversial tweet from a politician? Does the account have a blue tick? Seen a musician posting suspicious links? Does the account have a blue tick? The blue tick is usually a good indicator as to whether you should believe a tweet or dismiss it as an imposter (or fan) account.
But if scammers could work out a way to get that blue tick attached to their account, then things could become very dangerous indeed.
Sponsored Content. Continued below...
And this is what they did this week, on at least one occasion, when the below comment promoting a crypto-currency scam was being spammed out on Twitter, that appears to come from the US President’s very own verified Twitter account – blue tick and all.
So what happened? Was the President promoting crypto-currency scams? Or was his account hacked?
In reality, neither. As the eagled-eyed reader would have seen by now, the username isn’t right, meaning it’s not the US President’s account at all. So what’s happened?
Most people who don’t follow English rugby probably don’t know Joe Joyce, the 6’5’’ lock currently playing for the Bristol Bears. He’s certainly not as well known as Donald Trump, but apparently high-profile enough to have been given a Twitter verification blue tick on his account. And that means his account is a target for crooks.
Hacking a Twitter verified can be achieved in a number of ways – most likely a pretty primitive spear-phishing attack, we suspect. And once the crooks have access to that verified account, they’ll make full use of that blue tick.
Sponsored Content. Continued below...
In this case, the account belonging to Joyce soon had its name and profile picture changed to … you guessed it … Donald Trump. And of course, that blue tick stays in its place, meaning the scammers have a pretty convincing Donald Trump imposter account that, all importantly, is verified.
From there it’s par for the course. The crooks post comments, tweets wherever, leading to crypto-scams that claim to offer lots of free Bitcoin in return for a upfront small number of Bitcoin (yeah, right!) These spammy tweets can mostly be found as replies on Trump’s genuine tweets.
It’s certainly a worrying development and can make it more difficult to differentiate between legitimate and fake tweets. So far, this type of scam seems limited to crypto-currency scams, so as long as you don’t click on any links offering a free crypto-lunch, you should be ok for now.
Continued below...
Thanks for reading, we hope this article helped, but before you leave us for greener pastures, please help us out.
We're hoping to be totally ad-free by 2025 - after all, no one likes online adverts, and all they do is get in the way and slow everything down. But of course we still have fees and costs to pay, so please, please consider becoming a Facebook supporter! It costs only 0.99p (~$1.30) a month (you can stop at any time) and ensures we can still keep posting Cybersecurity themed content to help keep our communities safe and scam-free. You can subscribe here
Remember, we're active on social media - so follow us on Facebook, Bluesky, Instagram and X