Mind your company’s old Twitter accounts, rather than allowing them to be hijacked by hackers

Defunct Fox TV show has its Twitter account compromised by cryptocurrency scammers.


There were only 13 episodes of the science fiction TV show “Almost Human” aired before it was pulled from the schedules in 2014.

The show, starring Karl “Not the real McCoy” Urban and executive produced by J J Abrams, was cancelled after one season by Fox TV.

But, like so many TV series and films these days, “Almost Human” had a Twitter account. In fact, it has a “verified” Twitter account.

In its heyday, @AlmostHumanFOX looked like this:

[Screenshot: the @AlmostHumanFOX Twitter account in its heyday]

But, as The Next Web reports, it doesn’t look like that anymore.

Because it appears that hackers seized control of the moribund Twitter account and gave it a new lease of life promoting cryptocurrency scams.

In a screenshot published by The Next Web you can see that @AlmostHumanFox has retained its “verified” checkmark, but its display name has changed to that of Justin Sun, the boss of a Chinese blockchain startup called TRON.

[Screenshot: the hijacked @AlmostHumanFox account showing the display name Justin Sun]

The real Justin Sun is getting close to half a million followers at @justinsuntron, and is presumably unconnected to the takeover of an unloved TV show’s old Twitter account.

My guess is that whoever has hijacked the @AlmostHumanFOX Twitter account is planning to use it to spread cryptocurrency giveaway scams - similar to those which have bedevilled other tech figures such as Elon Musk.

But I’m still bemused that the hackers managed to retain the “verified” checkmark on this hijacked Twitter account. Twitter has previously said that if a verified Twitter user changes their username they will have their verification checkmark revoked. (Clearly a sensible step to avoid malicious impersonation of online celebrities.)

Shouldn’t the same protection mechanism be in place if a verified user changes their display name?

Twitter needs to look into this, as the problem of bogus users promoting scams is just getting worse.

And if you work at a company which has Twitter accounts that it simply doesn’t use any more - maybe it would be for the best if you took better care of them to avoid scammers breaking in.


One Response

  1. Xane Myers

    July 25, 2018 at 3:34 pm #

    Another good idea for them would be to not create new Twitter accounts just for a certain show; just put it all in a Twitter account about more than a single thing.
