Target and The Body Shop were targeted in a new wave of verified Twitter account hacks. This new attack follows a wave of similar attacks, including the attack where hackers masqueraded as Elon Musk by changing the name of other verified accounts they hacked into. Hackers used Elon Musk’s identity and credibility within the industry to encourage users ot part with their Bitcoin in exchange for more Bitcoin that never materialized.
In this latest attack, a crypto giveaway was the focus of the tweets, and a link was included so users could take part. More than a few high profile accounts were targeted including Target, Toledo Rockets, The Body Shop, Universal Music Czech Republic, the Agriculture and Horticulture Development Board (AHDB).
It is not yet clear how hackers managed to hack the accounts, however since the English used within the tweets is substandard, it is assumed the hackers are not native English speakers. While this may seem like a hint to most people that the Twitter account is not genuine, often this is intentional. For example with Nigerian inheritance and love scams, the scammers often use poor English as a means of making sure they only receive responses from the most gullible people, which are usually the most vulnerable people to these types of scams.
The relative success of these scams goes to highlight the trust people put into the verified account ‘tick’ on Twitter profiles. For many people, as soon as they see the tick, they believe they are dealing with a legitimate person or company that they can trust. Hackers are exploiting this to target a wide array of people. The attacks also prey on people’s excitement over cryptocurrency and the desire to get involved in this new and exciting area of financial technology. Many people have been wanting to dip their toe in the cryptocurrency pool, but aren’t sure how to go about it. Big businesses that are accessible to the public also add an air of legitimacy for those people wanting to segway into crypto.
Twitter hasn’t released a formal response specifically around these attacks, although pressure is mounting for them to do so. Twitter needs to find a way to make these types of attacks impossible, otherwise, users will become more fearful and less trusting of the platform.
Hopefully, Twitter can find a solution before the next wave of attacks. This seems to be a method hackers wanting to scam people out of cryptocurrency keep returning to, suggesting that it is very profitable and worth the effort to hack the accounts.