January 4th – On the social media platform X, formerly known as Twitter, a gold badge indicates that the service has independently verified the account as owned by a celebrity or an organization.
The gold badge system was introduced last year as a paid option to help individuals and organizations show account authenticity. It’s the high-profile and business version of the blue checkmark.
Right now, cyber criminals are brute-forcing passwords and stealing credentials via malware in order to illicitly access gold accounts.
In some cases, the cyber criminals are also hijacking standard accounts that are associated with businesses. The criminals then upgrade the accounts to gold status, and sell them on underground cyber crime forums.
“Dark Web marketplaces are flooded with advertisements selling Twitter Gold accounts,” according to CloudSEK researchers.
Once hackers have access to gold X accounts, it’s a golden ticket for them. They can send out messages that damage a business’s brand, that harm consumers, and that allow them to turn a profit.
For example, hackers can deploy a malicious link via a ‘tweeted’ message, and thousands of people could take the requested actions: click on the link, download the file, input their credit card number to receive…
To prevent social media account takeovers, organizations are advised to regularly monitor brand mentions on X/Twitter. In other words, organizations should identify and investigate seemingly fake profiles, unauthorized product listings, false advertisements or otherwise phony set-ups.
Organizations should also adhere to strong password policies to protect accounts from brute-force hacking attempts.