Most bad actors target blue check consumers who complain of poor customer service on X.

Most bad actors target consumers who complain of poor customer service on X.

The rise of blue check scammers targeting X complainers

  • There has been a rise in misleading blue check X handles used to carry out phishing attacks.
  • Most bad actors target consumers who complain of poor customer service on X.
  • As yet, the X CEO has not addressed the rise in blue check scammers directly.

In the chaotic days since Elon Musk took over Twitter, now known as X, the social network has undergone numerous significant changes, including removing the iconic blue check. Revamping how the account verification works was one of the earliest changes made by Musk, and besides the confusion and chaos it caused, it was the perfect storm allowing scammers to take advantage and exploit unsuspecting users.

The changes made it easier for Twitter accounts to appear official. The new Twitter Blue subscription allows anyone to pay US$8 monthly and get a blue check mark showing they are “verified.” What raised eyebrows is how the check mark appears almost instantly once someone stumps up the cash; no questions are asked. People do not have to prove their identity.

For context, the blue verified check mark had for years meant that Twitter had confirmed the identity of the user behind an account, and the icon was considered a status symbol. But it wasn’t what Musk, who bought Twitter for US$44 billion in October 2022, needed. He wanted the social media service to start charging individuals US$8 per month to maintain their verified status. Non-paying members lost their verification badge.

“We are removing legacy verified check marks,” the company said in a statement on Twitter. “To remain verified on Twitter, individuals can sign up for Twitter Blue.” Many had envisioned how the new verification process—or lack thereof—would likely make it easier for bad actors to appear legitimate. 

And that was precisely what happened – almost immediately. Things started getting messy after Twitter Blue’s verification started rolling out, when accounts impersonating people and brands began appearing. Phishing emails were flooding users’ inboxes, specifically targeting Twitter Blue subscribers. 

Hackers are reportedly sending phishing emails to Twitter Blue users with a check mark. The mails "appear" to be from X.com. Source: X

Hackers are reportedly sending phishing emails to Twitter Blue users that “appear” to be from X.com. Source: X

According to researchers at cybersecurity vendor Proofpoint, a notable increase in Twitter-related phishing campaigns attempting to steal Twitter credentials was spotted soon after the verification changes were implemented.

Today, the blue check remains a cautionary tale

A recent report by The Guardian indicates that consumers who complain of poor customer service on X are now the target of scammers, who disguise themselves as customer service agents from the brands consumers are contacting. “The scams are successful because X removes blue checks from non-subscription users, which makes it more difficult for consumers to recognize authentic accounts,” the report reads.

In response to the news, Mary Kernohan, head of nurture at brand protection specialist SnapDragon Monitoring, told Tech Wire Asia that given that X is a popular tool frequently used for customer service, it provides the perfect platform to target consumers under the radar, while reaching a mass audience. 

Blue check users complaining about a Twitter Blue scam.

Users complaining of a Twitter Blue scam.

“When X first announced it was removing blue checks from non-subscription accounts, this sparked warnings from security experts that criminals would hijack on the move to target users with scams. These warnings were not unfounded,” she said in an email, adding that these scams will be virtually undetectable to the untrained eye. 

To put things into context, even accounts belonging to bad actors will have a blue check, while the logos, names, and artwork will all look legitimate. “Plus, criminals are crafty, and rather than just launching an attack or asking for personal information straight away, they will instead lure the victim into a private conversation where they will gain their trust before asking them to hand over their bank details,” she added. 

Musk has yet to address the rise of blue check scammers on Twitter directly, but not too long before Twitter Blue went live, the CEO, who sat down for an interview with the BBC, made a bold claim – that most scammers had abandoned Twitter. Musk claimed that the US$8 Twitter subscription fee would discourage bad actors from creating accounts, particularly at scale. 

This assessment appears, to say the very least, to have been unduly optimistic.

Harsh but true?