X Continues to Break as Fraudsters Use Deceptive Links to Scam You


Links have always been an important part of Twitter’s ecosystem. But lately, links on X are sending people to different sites than what they’re clicking. A verified account on X recently posted a link to a legitimate Forbes article that took users to a Telegram account promoting a crypto scam.

This example, caught by security researcher Will Dormann this week, shows a link preview to “Forbes.com.” However, when you click the link, it takes you to “Crypto with Harry,” a Telegram account promoting how it helps users earn “maximum profit.” The scam appeared to Dormann as an X advertisement coming from a verified account, and the post is still live today with roughly 1.1 million views.

X is failing to show users the immediate destination a link will send them, according to Bleeping Computer. Scammers can embed multiple destinations into their links, and design them so bots and automated accounts will skip over the “crypto link” and go straight to the Forbes article. However, actual users are all getting sent to the crypto scam.

A deceptive post on X. Google Chrome’s preview in the left corner shows this does not go to Forbes.com.
Screenshot: X

Unfortunately, X is previewing the final destination, which allows users to be fooled. If you’re on a desktop, you can hover over links, and your browser will likely do a better job of previewing what you’re about to click on. If you’re on a mobile phone, there’s no real way to check if links on X are legit.

Gizmodo found another example of deceptive links on the platform from August 2023. This tweet, with roughly 97,000 views, shows a “youtube.com” link, and shows a preview to a discussion between Elon Musk, Jack Dorsey, and Cathie Wood. The actual link goes to “dissertasting.com,” and the previewed video is actually just a deepfake.

Another example of deceptive links on X. Google Chrome’s preview shows the real destination.

Another example of deceptive links on X. Google Chrome’s preview shows the real destination.
Screenshot: X

Elon Musk has had a complicated relationship with links. In October, Musk stripped headlines from news links on Twitter to make the platform look “cleaner.” He added them back not long ago. The link-shortening service for X, t.co, was also scrutinized for allegedly throttling traffic to websites Musk dislikes.

A scam appearing as an advertisement is problematic for many reasons. For one, it’s making money off of users in a deceptive way. In this case, people were expecting to read a Forbes article. Two, it raises a question about how ads are vetted on X. Apple, Disney, and other advertisers recently fled the platform when their advertisements appeared next to hate speech.

This is the latest example of X having very weak content moderation on the platform. Users should reasonably expect verified accounts to have accurate information, or at least not be a complete scam. However, X has been proven time and time again that this is not the case anymore.


Source link

Leave a Reply