This post was originally published on this site.
The Better Business Bureau serving Kentucky and Southern Indiana is warning consumers about a phishing scam targeting X (formerly Twitter) users.
The scam locks users out of their accounts, which are then used to promote cryptocurrency and other products, according to a community announcement.
The scam typically targets accounts with large followings. Several high-profile local figures, including journalists and government officials, have been targeted.
Kentucky horse racing writer Jennie Rees recently had her X account hacked.
“I got a DM on X seemingly from a long-time sports journalism colleague asking if I would vote for him in an online contest to co-host a ‘huge podcast event with Spotify and Google,’” Rees said. “My colleague is in the podcast world, so sure, I wanted to help him out — and clicked on the purported link to vote. And I was infected.”
Rees was locked out of her X account, and a post surfaced where she claimed to have bought a new Audi with her crypto earnings.
“Far worse is that my X contacts began receiving that bogus DM that started it all,” she said. “I’m thrilled the BBB is working to raise public awareness of this hacker fraud.”
How to avoid social media scams
The BBB offers the following tips to help consumers avoid social media scams:
- Understand how social media platforms work. Get to know a social media platform’s policies before using it. For example, X never sends emails requesting login credentials, nor do they send emails with attachments.
- Be wary of unsolicited messages. Be skeptical about out-of-the-blue messages, whether it’s a DM, an email, or a message on a messaging app, especially if they ask you to click on links or open attachments.
- Look for the signs of a scam. Poor spelling, bad grammar, pressure to act now, demand for payment, and scare tactics are all red flags that indicate a scam.
- Always protect your personal information. Never give a stranger your login credentials or other personal information without verifying their request’s legitimacy. Most reputable companies won’t ask you for your login information.
This story was created by reporter Nida Tazeen, NTazeen@usatodayco.com , with the assistance of Artificial Intelligence (AI). Journalists were involved in every step of the information gathering, review, editing and publishing process. Learn more at cm.usatoday.com/ethical-conduct.