The new verification system on X/ Twitter is still causing problems for users, as blue-check scammers have been found to target customer service complaints on the platform.
X has been through its fair share of controversy since the tumultuous take over by Elon Musk in October 2022. The perplexing name change, the X sign fiasco, and the refusal to pay rent of all marred the transition, sending users and advertisers to other competitors.
Now, it looks like the blue check debacle isn't even completely solved yet, as phishing attempts have been prevalent thanks to the paid-for verification system.
How the Scam Works
Reaching out to brands via X has become a common trend in recent years, with the public attention sometimes getting customer service reps to respond faster to urgent requests. However, this new scam takes advantage of this trend by responding in order to phish valuable information from unsuspecting users.
It starts with the scammer responding to customer service requests, disguised as the brand in question. What makes the scam so believable is that scammers can now purchase an $8 per month blue check from Twitter, making it seem like they are a legitimate source of customer service.
🔎 Want to browse the web privately? 🌎 Or appear as if you're in another country?
Get a huge 86% off Surfshark with this special tech.co offer.
Once you've started a conversation, the scammer (still disguised as the brand) will request contact and financial information to provide you with a refund to your card. Unfortunately, there is, of course, no refund. Instead, your information will be used to steal money or simply sold to third parties on the dark web.
How to Avoid Getting Scammed
One of the impersonated companies responded to The Guardian when asked for comment, explaining the best way to avoid falling victim to this scam:
“If there are ever any doubts about the legitimacy of a request, customers should always err on the side of being safe and contact our official customer service team. If a customer does opt to contact us using Twitter, they should always check they are using our verified account which has a gold badge to indicate authenticity.” – a spokesperson for Booking.com
There are a few ways to protect yourself from phishing scams in general too. For starters, always verify where you are sending money or financial information before you click the button. Also, keep an eye out for spelling mistakes, grammatical errors, and other clear indicators that you aren't speaking to a legitimate business.
How to Protect Yourself Online
Generally speaking, the online world can be a stressful place when it comes to protecting your data. There are, unfortunately, a lot of nefarious actors out there attempting to use digital illiteracy to make a quick buck.
Fortunately, there are some tools that you can use at your business to ensure that your team is as secure as possible. After all, you don't want to get hacked and have a financial hit of, on average, more than $10 million for a data breach.
The best place to start is a VPN, which can help encrypt your team's internet traffic, even in secured databases from your company. On top of that, a good password manager can ramp up your security in a big way, particularly considering most data breaches stem from poor password security.
Simply put, being vigilant when it comes to online security is your best bet, but a little bit of help can go a long way in shoring up your defenses.