Twitter allows apparent phishing scam to buy promoted tweet

Twitter allows apparent phishing scam to buy promoted tweet
© Getty

Twitter’s advertising platform allowed a fraudulent website to purchase promoted tweets that directed users to what appears to be a phishing scam.

ADVERTISEMENT
The tweet, which is being promoted on users' Twitter feeds, claims to offer users "verified" blue checkmarks, which some see as a sign of status on the site.

Users who click @BusinessTweet30’s link are directed to a site posing as Twitter, but with a different domain name. The colors and font are the same as Twitter’s, and the language on the site is worded as though it is an official part of Twitter’s platform.

“To prevent identity confusion, Twitter is now offering the verification form. We're working to establish authenticity with people who deal with impersonation or identity confusion on a regular basis. Accounts with [the verified checkmark] are the official accounts,” it reads.

On the page, Twitter users are prompted to input detailed information about themselves, including their email, password and credit card information.

The tweet raises red flags about Twitter’s automated ad purchasing process. Phishing scams from a promoted tweet can be uniquely dangerous, because users who see the tweet as “promoted” may understand this as Twitter confirming the tweet's legitimacy.

The tweet is an example of what may slip through the cracks of Twitter’s automated advertising platform. The company has human reviewers to take down promoted tweets that violate its terms of service, but in many cases they don’t see tweets until after they've been flagged by other users after being posted.

BusinessTweet30's tweet had been on Twitter for at least two hours. It’s unclear how long it has been a promoted tweet within that window.  

After being contacted by The Hill, Twitter deleted the tweet and the account that posted it.

A Twitter spokesperson declined to comment on the tweet directly, noting that it does not “comment on individual accounts for privacy and security reasons.”

The company did say that it is aware of groups trying to manipulate its ad platform and is taking action against such behavior.

Alan Rosenblatt, a digital political strategist at Lake Research Partners, thinks the tweet shows that Twitter’s actions so far aren’t enough.

“Clearly, this speaks poorly of Twitter's ad vetting process. That it does not have filters installed to protect its own reputation, let alone ads designed to damage others' reputation, is remarkable,” said Alan Rosenblatt, a digital political strategist at Lake Research Partners.

Rosenblatt, who also works as a communications professor at Johns Hopkins University, argued that the tweet speaks to the general confusion around Twitter’s shifting policies.

“This ad promoting a phishing scam under the guise of providing Twitter verification is the result of a combination of public confusion about the verified user system at Twitter, the fact that the official process is currently suspended with no clear explanation on the request page, and bad vetting of ads that let this phishing scam getting through Twitter's self-serve ad system,” he said.

Facebook and Google also use automated systems for their ad purchasing platforms. Their automated tools have come under fire for facilitating Russian manipulation of their platforms, as Kremlin-linked actors used Facebook, Twitter and Google to purchase ads intended to influence the 2016 presidential election.