Fake X content warnings on Ukraine war, earthquakes used as clickbait


X has always had a bot problem, but now scammers are using the Ukraine war and earthquake warnings in Japan to entice users into clicking on fake content warnings and videos that lead to scam adult sites, malicious browser extensions, and shady affiliate sites.

For months, X has been flooded with posts that contain what appears at first glance to be a pornographic video but, when clicked, brings you to fake adult sites.

As tracked by X users “Slava Bonkus” and “Cyber TM,” the scammers have now also started creating posts pretending to contain sensational information about the Ukrainian forces invading Kursk or warnings about an earthquake in Nankai Trough, Japan.

“Emergency information on the Nankai Trough mega-earthquake: What should we be careful of from now on? It's all summarized in this article. Please read it carefully and plan your schedule,” reads the fake tweet about Nankai Trough earthquake warnings.

However, instead of showing fake videos, they display fake X content warnings that must be clicked to view the content.

Sensational posts showing fake content warnings
Source: BleepingComputer

These content warnings are actually images that, when clicked, connect to a URL on the app.link domain, which then redirects users through a series of sites until they ultimately land on a scam site. These scam sites are usually adult sites, but they could also be for malicious content, such as tech support scams, malicious browser extensions, or affiliate scams.

X displays these fake content warning images because when the post is first created, the social media site will read the content at the posted URL. If the app.link site detects that the connection is from Twitter, likely by its user agent, it will not redirect to the other sites.

Instead, it will display an HTML page that uses Twitter cards HTML metadata to tell X how the post should be displayed, including the image, description, and other content.
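The user-agent cloaking described above can be detected by fetching the same link twice and comparing the two responses. The following is an added example, not code from the original article: it assumes the responses were already captured (one with a crawler-style User-Agent, one with a browser-style one), and the hostnames, response dictionaries and function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

REDIRECTS = {301, 302, 303, 307, 308}

class CardParser(HTMLParser):
    """Collects <meta name="twitter:..."> tags, the Twitter card metadata."""
    def __init__(self):
        super().__init__()
        self.card = {}

    def handle_starttag(self, tag, attrs):
        if tag == "meta":
            a = dict(attrs)
            name = (a.get("name") or a.get("property") or "").lower()
            if name.startswith("twitter:"):
                self.card[name] = a.get("content") or ""

def twitter_card(html):
    parser = CardParser()
    parser.feed(html)
    return parser.card

def is_cloaked(url, crawler_resp, browser_resp):
    """True when the crawler gets a card page but a browser is sent off-host."""
    card = twitter_card(crawler_resp["body"])
    serves_card = crawler_resp["status"] == 200 and "twitter:image" in card
    # Resolve relative Location headers before comparing hostnames.
    target = urljoin(url, browser_resp.get("location") or "")
    redirects_away = (browser_resp["status"] in REDIRECTS
                      and urlparse(target).hostname != urlparse(url).hostname)
    return serves_card and redirects_away

# Constructed sample: the same URL fetched with two different User-Agents.
URL = "https://short.example/p1"
CARD_PAGE = """<html><head>
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:image" content="https://short.example/warning.png">
<meta name="twitter:title" content="Content warning">
</head><body></body></html>"""
AS_CRAWLER = {"status": 200, "location": None, "body": CARD_PAGE}
AS_BROWSER = {"status": 302, "location": "https://landing.example/x", "body": ""}

if __name__ == "__main__":
    print(twitter_card(CARD_PAGE))
    print("cloaked:", is_cloaked(URL, AS_CRAWLER, AS_BROWSER))
```

A link that returns the same card page to both clients, or that only redirects within its own host, is not flagged.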

This trick has been used for years, with BleepingComputer first reporting about it in 2019 and the technique recently used for cryptocurrency scams.
