Sophos issues tips to help Twitter users protect themselves

Share

Tweet

Share

Share

Email

Comments

You may have seen prominent & verified Twitter accounts, including Joe Biden, Elon Musk, Jeff Bezos, Barack Obama, Bill Gates, Apple and many others, tweeting out links to cryptocoin scam earlier today. In light of these fake tweets, Twitter has taken the unusual but understandable step of closing down parts of its service while it investigates, and its own support account has just tweeted to say that the company is “continuing to limit the ability to Tweet, reset your password, and some other account functionalities while we look into this.”

Access to services such as password changes (and presumably also changing details such as two-factor authentication numbers) are being restricted for the time being. 

However, as these scammers will only succeed if people fall for their unlikely messages, Sophos has issued the following advisory to help Twitter users protect themselves:

• If a message sounds too good to be true, it IS too good to be true. If Musk, Gates, Apple, Biden or any well-known person or company wanted to hand out huge amounts of money on a whim, they wouldn’t demand that you hand them money first. That’s not a gift, it’s a trick, and it’s an obvious sign that the person’s account has been hacked. If in doubt, leave it out.
• Cryptocurrency transactions don’t have the legal protections that you get with banks or payment card companies. There is no fraud reporting service or transaction cancellation in the world of cryptocurrency. Sending someone cryptocoins is like handing over banknotes to in an envelope – if they go to a crook, you will never see them again. If in doubt, don’t send it out.
• Look out for any and all signs that a message might not be real. Crooks don’t have to make spelling mistakes or get important details wrong, but often they do, like the word “greatful.” So if the crooks do make a blunder, such as writing 50$ when in your country the currency sign comes first, making a mess of their own phone number, or using clumsy or unnatural language, don’t let them get away with it. Treat it with doubt unless everything checks out.