When Twitter and other social media platforms instituted “verified” accounts, it was supposed to stop scammers dead in their tracks. But give scammers enough time and they’ll find a way to circumvent almost any protection.
The Better Business Bureau’s Scam Tracker has reported an increase in social media users reporting that their verified accounts have been breached. It works the way many phishing scams do.
A social media user receives a direct message or email that appears to come directly from Twitter, Instagram, or another social media platform. It warns that the verified account has been flagged, and the account holder must re-verify it.
The user is told that if they don’t respond they could lose their “verified account badge.” In some cases, Twitter users have been informed that their blue verified badge has been marked as spam and, if they don’t appeal the decision, it will be deleted.
It pays to be skeptical
While it may all seem perfectly reasonable, it isn’t. If the target believes the message actually came from the social media company, they are highly likely to follow the scammer’s instructions.
The scammer sends a link and tells the target to click on it, or download a form, to begin the appeal process and restore the account to good standing. Clicking on the link, however, may download malware onto the user’s device.
The malware can silently collect all kinds of personal data without the user being any wiser. If the target fills out forms or replies with the requested information, scammers may be able to hack the account or use the data for identity theft.
Signs of a scam
This scam can be avoided by knowing how social media platforms work. For example, Twitter never sends emails with a request for login credentials. The company also says it never sends emails with attachments.
If you get an email from Twitter, especially one that has an attachment, rest assured you’re not dealing with Twitter but with a scammer.
Always be wary of messages that seem to come out of the blue. Whether it’s a direct message, an email, or a message on a messaging app, be skeptical about unsolicited messages, especially if they ask you to click on links or open attachments.
When in doubt about a message’s authenticity, always go straight to the source – the platform’s official customer service center – to find out if the message is real.
Other signs of scams can be found in the message itself. Check for poor spelling, bad grammar, pressure to act immediately, and scare tactics are all red flags that indicate a scam.