Mind your company’s old Twitter accounts, rather than allowing them to be hijacked by hackers

Defunct Fox TV show has its Twitter account compromised by cryptocurrency scammers.

Mind your company's old Twitter accounts, rather than allowing them to be hijacked by hackers

There were only 13 episodes of the science fiction TV show “Almost Human” aired before it was pulled from the schedules in 2014.

The show, starring Karl “Not the real McCoy” Urban and executive produced by J J Abrams, was cancelled after one season by Fox TV.

But, like so many TV series and films these days, “Almost Human” had a Twitter account. In fact, it has a “verified” Twitter account.

Sign up to our free newsletter.
Security news, advice, and tips.

In its heyday, @AlmostHumanFOX looked like this:

Almosthuman old twitter

But, as The Next Web reports, it doesn’t look like that anymore.

Because it appears that hackers seized control of the moribund Twitter account and gave it a new lease of life promoting cryptocurrency scams.

In a screenshot published by The Next Web you can see that @AlmostHumanFox has retained its “verified” checkmark, but its display name has changed to that of Justin Sun, the boss of a Chinese blockchain startup called TRON.

Tron almosthuman

The real Justin Sun has getting close to half a million followers at @justinsuntron, and is presumably unconnected to the takeover of an unloved TV show’s old Twitter account.

My guess is that whoever has hijacked the @AlmostHumanFOX Twitter account is planning to use it to spread cryptocurrency giveaway scams – similar to those which have bedevilled other tech figures such as Elon Musk.

But I’m still bemused that the hackers managed to retain the “verified” checkmark on this hijacked Twitter account. Twitter has previously said that if a verified Twitter user changes their username they will have their verification checkmark revoked. (Clearly a sensible step to avoid malicious impersonation of online celebrities)

Shouldn’t the same protection mechanism be in place if a verified user changes their display name?

Twitter needs to look into this, as the problem of bogus users promoting scams is just getting worse.

And if you work at a company which has Twitter accounts that it simply doesn’t use any more – maybe it would be for the best if you took better care of them to avoid scammers breaking in.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “Mind your company’s old Twitter accounts, rather than allowing them to be hijacked by hackers”

  1. Xane Myers

    Another good idea for them would be to not create new Twitter accounts just for a certain show; Just put it all in a Twitter account about more than a single thing.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.