Twitter Scams: How to Identify Them And Protect Yourself

Not everyone is your pal. Learn to identify scam tweets

Just like any other social media platform, Twitter has its share of users who aren't there to express opinions or find like-minded friends on the platform. Instead, they're there to steal both personal and financial information from others.

What Are Twitter Scams?

Twitter scams come in many shapes and sizes. From promises of quick ways to gain thousands of followers to easy money and work-at-home schemes, the scams aren't really unique except for the social media platform approach they use. The goal is always to get you to hand over sensitive information, from home addresses and phone numbers to passwords and bank account numbers.

How Does These Scams Work?

These scams work in different ways but they all involve social engineering and capitalizing on basic human qualities. They might prey on your hopes of becoming a social media star and/or getting noticed by social media influencers, seize on your fears in some way, or even zero in on the loneliness someone might be experiencing during the pandemic or other situations.

A screenshot of the Bill Gates cryptocurrency Twitter scam.

Here are some examples:

  • A direct message comes to you from one of your followers with the message, 'Just saw this pic of you!' But when you click the link, you've instantly fallen victim to the oldest trick in the book: You're taken to a fake website that secretly loads malware onto your computer as you view the site. A variation of this trick involves bot accounts that make you think there is a human behind the message but, in reality, it's just a computer randomly seeking clicks.
  • A variation of the above scam involves Twitter contacts who create phishing games and invite you to join them. 'Let's make up usernames from this fun list!' The 'list' then asks you to make up a new name by combining the answers from personal questions such as 'What's your mother's maiden name?' or 'Make and model of your first car'. Guess who now has 'secret' information that's required for a variety of financial accounts you have?
  • Work-at-home offers that request your credit card information in order to release their amazing tips. While some are legit, many others involve scam warning signs such as the use of free email services like Yahoo! or Gmail, post office boxes for mailings, and have no telephone numbers for you to call customer service.
  • Emails from Twitter . . . but they're not really from Twitter. If you ever receive an email from Twitter (which is unusual in and of itself), it will only come from @twitter.com or @e.twitter.com. Scammers will use some variation of this but it will always be off by a letter or two.
  • Financial scams, such as the 2020 scam that asked people to send bitcoin to a specific cryptocurrency wallet with the promise that the money would be doubled and sent back our of the goodness of the scammer's heart. (Nope, it was never returned.) This scam involved a takeover of highly public accounts from people you would expect you could trust, such as Bill Gates and former President Barack Obama.
  • Impersonations, too, are on the rise on Twitter. A scammer might steal your persona to entice others to give them information they might only give to you, their actual friend.

The list goes on and on but you get the idea: Every case seemed perfectly legitimate, until a closer look was taken.

How Do Twitter Scammers Find Victims?

Scammers find victims on Twitter in a couple of different ways. They might lift your Twitter handle off a public post you made, then follow you and begin commenting on your posts to gain your trust.

They might have stolen your email information from an online list somewhere where you also shared your Twitter handle. Scammers also can find names, email addresses, and Twitter handles using simple searches on Google since so many people do not bother to make their accounts and related information private.

How Do I Avoid Getting Involved in These Scams?

You can avoid getting involved in these scams by being wary of new followers, using vigilance, and following some basic online safety tips.

  • Don't post your private information on social media. The more you play fun games or quizzes sent to you by others, the more open you make yourself to accidentally sharing private information that becomes excellent data-sources for socially engineered scams.
  • Use Twitter safety and security settings. Twitter safety and security settings let you turn off location settings and keep discoverability of your privacy settings limited.
  • Never click unexpected links. If you need to check your banking or other personal information, go directly to the website you need and log in there. Don't click the login link in a message.
  • Never give passwords to people. No one, not even legitimate Twitter support personnel, needs your password.
  • Never give money unless you initiated the transaction. Unless you were the one who initiated a purchase or donation using a website you know and trust, never give money to someone who reaches out to you.

I'm Already a Victim. What Should I Do?

If you've fallen victim to an online scam, there are a few things you should do:

  • Report Twitter abuse. Navigate to the Tweet you want to report, click or tap the down arrow > Report > It's abusive or harmful. From there, follow Twitter's prompts.
  • Report the scam to law enforcement. Send a report to organizations such as the FTC, the Internet Crime Complaint Center (IC3), or EConsumer.gov.
  • Immediately contact your bank. Explain the situation and ask the bank to reverse any fraudulent charges and cancel/reissue new debit and credit cards, if necessary.
  • Run anti-virus and anti-malware software. If you think you landed on a fake website, your computer might be infected with malicious software that can scan your personal files for sensitive information. This software can help you root out and eliminate anything suspicious.
  • Change your passwords: Make sure to create strong passwords.
  • Notify your friends and family on social media: If you've been hacked, let your friends and family know so they don't fall victim to someone pretending to be you.

How Do I Avoid Being Targeted in a Twitter Scam?

The best way to avoid being targeted is to stay on the defense. Scammers persist because people get lax and miss warning signs, such as fake website links that are slightly off from the real thing. Scammers will always be looking for you; your best approach to safety is to always be looking for them.