Monday, November 23, 2009

Twitter Follower Scams

Introduction
It's cool to be on Twitter but it's cooler still to have more followers than your neighbor. Some are so desperate to move into the lead that they're pulling out their credit card to get there. Those gullible enough to participate in the growing number of Twitter Follower scams are sure to be disappointed.

Scammers are setting up websites promising to provide Twitter followers to anyone willing to sign up. There are typically two levels of membership - basic and VIP. A basic membership offers followers in exchange for the right to "use your account to promote [their] services". Effectively, you are handing over your Twitter username and password to a third party that will then leverage your account to promote their service. In return, you are promised Twitter followers. In our tests, we received no followers but were signed up to follow a couple of hundred accounts that were presumably either fake accounts set up by the service or other victims.

How do they make money? In part through advertising on their webpage but primarily by convincing individuals to become VIP members. To become a VIP member, you must either recruit others to sign up for the service or pay for the privilege. VIP membership comes with the promise of "100-400 [new followers] each day". If you choose to take the recruitment route, when initially signing up, you are provided with a unique URL that is to be given to others for signup. This will supposedly allow the service to keep track of your recruits and promote you to VIP status free of charge after 15 additional accounts are recruited. We attempted to promote our test accounts to VIP status this way; however, the domain name in the URL provided did not resolve and the request would therefore fail. Effectively, this leaves paying a monetary fee as the only option to achieve VIP status.

The Scam
Promotion
Tweets sent from the accounts of past victims promote one of the many websites driving the scams. The URL is always obfuscated using a URL shortener, and numerous URL shortening services are leveraged.

Common Tweets
If you want 400 followers a day use…
If you wantt 100 followers a day use…
I got 100 followers using…
I just got 400 followers using…
to get 400 followers a day…
If you want to get alot of followers check out…
Hey I just got alot of followers using…
I got 100 followers in a day using…
Get 500 followers a day using…
THE BEST WAY TO GET MORE FOLLOWERS…
OUR GOAL IS TO GET U MORE FOLLOWERS…
This site got me 200 followers quick…
Want FREE VIP, 100 new followers instantly and 1,000 new followers next week?
The best way to get 100 followers faster is using
Hey I just got alot of followers using

Common sites
http://followersquick.info/
http://tweeterspeed.com/
http://twittfollow.com/
http://followquick.info/
http://tweeterleaders.info/
http://twittfollow.info/
http://wannafollowme.com/
http://twtfast.info/
http://twitter-builder.com/

Whois information and IP address lookups suggest that at least some of the aforementioned websites are run by the same individuals. A number of the sites resolve to a single web hosting company in Malaysia and use the WhoisGuard service to hide registration information for the domains in question.

Propagation
When a user visits the site and enters their Twitter name and password, they have effectively handed over control of their Twitter account to a third party. The scammers will then use that account to further promote the service. The user may receive a handful of followers but in our experience, they are simply fake accounts set up by the scammers themselves, if any followers are received at all. One of our favorite touches: the 'I agree with the rules' checkbox on the signup page can't be unchecked.

Revenue
VIP membership comes with the promise of "100-400 [new followers] each day". It can supposedly be obtained by either recruiting others to sign up for the service or by paying anywhere from $20 to $1,500, depending upon the duration of your VIP status (4 days to one year). Most scams leverage PayPal to complete the transaction. While it’s unclear how many people are actually pulling out their credit card to participate, the volume of Twitter accounts seen that have apparently signed up for the service, along with the number of scams emerging, suggests that the scam is successful.

Sadly, the scammers are actually rather straightforward about what they're doing, if only victims were to take the time to review the 'rules':
  • You have to add all vip users and 20 regular users to join the train.
  • We may use your account to promote our services, with the exception of VIP account.
  • The fee for VIP is non-refundable.
  • After payment, give us up to 6 hours to update your VIP status.

How Successful is the Scam?
Searching for either the phrases used to promote the sites, or the shortened URLs themselves, shows that thousands of people are signing up for the services every day in the hopes that it will increase their number of Twitter followers. The screenshot below indicates that for only one of the sites, hundreds of Tweets Per Hour (TPH) are appearing in the Twitter live feed. What's not clear is how many people are taking the additional step of sending money to become VIP members.

Twitter's Response
What is Twitter doing about the scams? Nothing. Thousands of tweets promote the scam sites every day and they aren't hard to find. Twitter could easily be implementing filters to identify common phrases or URLs. Beyond this, common phishing blacklists such as PhishTank.org and Google’s SafeBrowsing are largely ignoring such sites as well.
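
A filter of the kind suggested above could look like the following sketch. It is an added example, not code from Twitter or from the original post: the phrase patterns are generalised from the "Common Tweets" list, the domains come from the "Common sites" list, and the `expanded` map, `short.example` and `blog.example` are assumptions standing in for a redirect resolver and real shortener links.

```python
import re
from urllib.parse import urlparse

# Domains from the "Common sites" list on this page.
SCAM_HOSTS = {
    "followersquick.info", "tweeterspeed.com", "twittfollow.com",
    "followquick.info", "tweeterleaders.info", "twittfollow.info",
    "wannafollowme.com", "twtfast.info", "twitter-builder.com",
}
# Patterns generalised from the "Common Tweets" list (run on lowercased text).
PHRASES = [re.compile(p) for p in (
    r"\b(?:got|get|want+)\b.{0,20}?\b\d[\d,]*\s+(?:new\s+)?followers\b",
    r"\ba\s?lot of followers\b",
    r"\bmore followers\b",
    r"\bfree vip\b",
)]
URL_RE = re.compile(r"https?://\S+", re.I)

def is_scam_url(url):
    """True if the URL's host is a listed domain or a subdomain of one."""
    host = (urlparse(url).hostname or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in SCAM_HOSTS)

def classify(text, expanded=None):
    """Return 'block', 'suspect' or 'allow'. expanded maps short URL -> final
    URL (from a hypothetical redirect resolver; nothing is fetched here)."""
    expanded = expanded or {}
    urls = [u.rstrip(".,!?)…") for u in URL_RE.findall(text)]
    if any(is_scam_url(expanded.get(u, u)) for u in urls):
        return "block"      # destination is one of the listed scam sites
    norm = re.sub(r"\s+", " ", text.lower())
    if urls and any(p.search(norm) for p in PHRASES):
        return "suspect"    # promo phrase plus a link that was not vetted
    return "allow"          # the promo tweets always carry a link

# Constructed sample tweets; short.example and blog.example are placeholders.
SAMPLES = [
    ("I just got 400 followers using http://short.example/a1",
     {"http://short.example/a1": "http://www.twittfollow.com/"}),
    ("If you wantt 100 followers a day use http://short.example/b2…", None),
    ("Just got 100 followers, thank you all!", None),
    ("New post on our blog http://blog.example/post", None),
]

def run_samples():
    return [classify(text, exp) for text, exp in SAMPLES]
```

Because the promoted links are always shortened, the domain check only fires once the short URL has been expanded; until then the phrase patterns carry the detection, which is why a phrase match without any link is allowed through.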

Conclusion
These sites are scams, plain and simple. In our experience, signing up for the service will ensure that your account is used to send out Twitter spam to promote the service and follow hundreds of other accounts but result in no meaningful additional followers. We chose not to pay for the VIP service but even if followers are added, they will simply be other victims or fake accounts created by those running the scam. If simply building up the number of followers on your Twitter account is of that much importance, regardless of who they are, take the time to create a bunch of fake Twitter accounts on your own – it’s free. If you have signed up for such a service in the past, we recommend changing your Twitter password immediately to ensure that the service can no longer post messages on your behalf. Your account could be used to post content that you don’t approve of and if so, good luck explaining why you shared your Twitter credentials.