At the end of August, Sean Murphy was trying to book a flight between Nairobi, Kenya and Entebbe, Uganda, with Kenya Airways. “The information on the reservation page was unclear,” says Murphy, co-founder of Web3 company ImpactScope. So he sent a quick message directly to Kenya Airways’ verified Twitter account, asking it to confirm the baggage allowance for the flight. A day later, when the account hadn’t responded, he sent the company a public tweet reminding it of the question. Then the replies began.
Within minutes, multiple Twitter accounts claiming to be Kenya Airways replied on Twitter. All of them offered help, but none of them appeared official. The accounts used the Kenya Airways logo and slogan, but clicking on their profiles raised red flags. “Most of their messages were well-crafted,” says Murphy. “However, the low number of followers along with spelling mistakes or odd choice of characters in their current Twitter handles was the main giveaway.” The accounts included “@_1KenyaAirways” and “@kenyaairways23”.
It’s now easier to make Twitter accounts look official. In the chaotic days since Elon Musk completed his $44 billion takeover of Twitter and subsequently laid off thousands of staff, the social network has revamped the way its account verification works. Twitter’s new Blue subscription, which has started rolling out to some users, allows anyone to pay $8 a month and get a blue tick indicating they’re “verified.” The tick appears almost immediately after payment is made and no questions are asked: people don’t have to prove their identity.
The verification symbol is a big departure from Twitter’s previous approach to verification, when only accounts belonging to brands, public figures and governments were given blue ticks next to their names. In all those cases, the verification was approved by Twitter staff. The new verification process, or lack thereof, is likely to make it easier for fraudsters, cybercriminals and disinformation peddlers to hone their craft and appear legitimate.
“Cybercriminals very easily use social media as the perfect tool to target unknown victims, but when there’s no clear and real way to verify identity, you open a path to fake accounts, which will no doubt be abused by wanted threat actors of a scam,” says Jake Moore, global cybersecurity advisor at security firm ESET.
Things are already messy. Soon after Twitter Blue verification started rolling out, accounts impersonating people and brands appeared. Some people seemed to be testing the system; others were causing trouble. In some cases, new accounts were used, and in others, old Twitter accounts had been converted to “blue-tick” status. An account called Nintendo of America (handle: @nIntendoofus) tweeted a picture of Mario giving people the finger. Apple TV+ was impersonated, along with the gaming firm Valve, Donald Trump and basketball star LeBron James. A post from an account claiming to be an ESPN analyst garnered more than 10,000 engagements before it was deleted, the fact-checking organization Snopes reported. The account had “NOT” in its handle and its bio described it as a parody. As of yesterday, amid a surge in impersonation accounts, Twitter had stopped allowing new accounts to purchase verification.
Twitter’s new approach to verified accounts is focused on the Twitter Blue subscription. After a user pays, a blue tick appears next to the account name. If someone clicks on the tick, a message explains that it’s there because it was purchased. On Twitter’s timeline, a user’s blue tick appears prominently next to their account name (which can easily be changed), rather than next to their username handle.