Twitter/X's Link Change Sparks Phishing Fears, New Domain Registrations
Twitter/X recently sparked confusion and amusement when it began automatically altering links mentioning 'twitter.com' to 'x.com'. This change, intended to reflect the company's rebranding, led to unexpected consequences and raised concerns about potential phishing threats.
Matthew Garrett, a lecturer at U.C. Berkeley, was among those who found the situation amusing. He pointed out that many domains ending in 'twitter.com' were registered defensively by individuals to prevent scammers from exploiting them. However, Twitter/X's automatic modification led to these domains being redirected to 'x.com', causing uncertainty and potential security risks.
Twitter/X has since corrected its mistake, and links mentioning 'twitter.com' are no longer being altered. However, the incident has highlighted a new wave of domain registrations. Over 60 domain names ending in 'twitter.com' have been registered in the past two days, with some displaying warning messages about the recent changes. For instance, visiting 'goodrtwitter.com' displays a message indicating it was registered defensively. Meanwhile, domains like 'fedetwitter[.]com' have been registered to mimic the change, potentially for phishing purposes. The oversight could allow bad actors to divert traffic from legitimate sites or brands ending in 'x'.
It's important to note that there are no publicly available search results specifying which companies have recently registered domain names containing 'twitter.com'. This lack of transparency adds to the concern surrounding the potential misuse of these domains.
Twitter/X's recent oversight in altering links mentioning 'twitter.com' to 'x.com' has raised serious concerns about potential phishing threats. While the company has since corrected its mistake, the incident has led to a surge in domain registrations ending in 'twitter.com'. Users are advised to remain vigilant and cautious when clicking on links, especially those related to the recent rebranding. Further investigation is needed to determine the extent of the potential security risks and the parties involved in the recent domain registrations.
