Here’s why Twitter sends you to a different site than what you clicked

March 20, 2024 at 04:54AM

Twitter users have been encountering misleading external links that lead to unexpected destinations, such as Telegram accounts promoting crypto scams, rather than the displayed website, such as Forbes.com. This issue arises because Twitter’s link previews show the ultimate destination, which can be altered by malicious websites. This poses a significant threat to users, especially on mobile devices.

It seems that the social media platform X has a flaw in the way it handles external link previews. Instead of showing the immediate domain a link takes the user to, X attempts to determine the ultimate destination and displays that as the website name in a post or ad. As a result, users who click can be redirected to entirely unexpected websites, as in the case of the Telegram account purportedly promoting crypto scams.

The flaw is particularly problematic on X mobile apps, as users do not have the ability to hover over the link and see where it’s taking them, as they would on a desktop web browser. This means that users may only see the displayed website name, such as “forbes.com,” and then immediately arrive at a different destination, like the Telegram account, upon tapping the preview.

This flawed behavior can be exploited by various adversaries, including crypto scammers, malware distributors, and phishing scammers. It is recommended not to click on external links in Twitter posts and ads without closely examining the URLs, and on mobile devices, it’s safest to not tap on posts with links at all.
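One way to do the URL check recommended above on a link whose redirects have already been recorded, as an added example rather than code from the original article: it compares the website name shown on the preview with every host in the chain. The function names and the `.example` hosts are constructed for illustration.

```python
from urllib.parse import urlsplit

def host_of(url):
    """Hostname of an absolute URL, without port, userinfo or trailing dot."""
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()

def matches_label(host, label):
    """True only if host is the labelled domain itself or a subdomain of it."""
    label = label.strip().rstrip(".").lower()
    if label.startswith("www."):
        label = label[4:]
    return bool(host) and (host == label or host.endswith("." + label))

def audit_link(label, hops):
    """Compare a preview label with a recorded redirect chain.

    label: website name displayed on the post or ad, e.g. "forbes.com"
    hops:  URLs in order, from the URL in the post to the page that loaded
    """
    hosts = [host_of(u) for u in hops]
    if not hosts or not all(hosts):
        raise ValueError("every hop must be an absolute URL")
    # Unique hosts, in order of appearance, that are not under the label.
    off_label = [h for h in dict.fromkeys(hosts) if not matches_label(h, label)]
    return {
        "immediate_host": hosts[0],
        "landing_host": hosts[-1],
        "immediate_matches_label": matches_label(hosts[0], label),
        "landing_matches_label": matches_label(hosts[-1], label),
        "off_label_hosts": off_label,
    }

# Constructed sample: the card says "forbes.com", the recorded hops do not.
SAMPLE_LABEL = "forbes.com"
SAMPLE_HOPS = [
    "https://shortlink.example/abc",
    "https://chat.example/constructed-channel",
]

if __name__ == "__main__":
    for key, value in audit_link(SAMPLE_LABEL, SAMPLE_HOPS).items():
        print(f"{key}: {value}")
```

A label that matches neither the immediate host nor the landing host is the situation the article describes; hosts such as `forbes.com.redirector.example` are also reported, because only the labelled domain and its subdomains count as a match.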

It’s clear that this flaw poses a significant risk to users of the platform, and precautions should be taken to avoid falling victim to malicious redirections.
