How do scams work on Twitter / X?
Twitter/X scams exploit the platform's viral reach through fake celebrity giveaways, cryptocurrency promotion by impersonated accounts, and phishing attacks on account credentials via fake verification or suspension notices.
Last reviewed: 10 June 2026
Explanation
Twitter/X has long been a vector for impersonation and financial scams because the platform's culture of interacting with public figures makes it seem plausible that a celebrity or executive might run a giveaway or financial offer. The introduction of the paid verification tier has also created confusion about what the blue checkmark actually means.
Crypto giveaway scams are the most visible pattern: an account impersonating a technology executive or celebrity announces a crypto doubling scheme — send one amount and receive double back. These accounts often mirror the profile picture and name of a real, well-known person. They amplify themselves by hacking real verified accounts to broadcast the message, lending further credibility.
Phishing DMs claim that your account has been reported for a policy violation, that your verification is being reviewed, or that you need to confirm your identity through a link. The link leads to a fake Twitter login page. Account verification emails that appear to come from Twitter should be checked by logging into the platform directly rather than via email links.
Promotion of fraudulent crypto tokens through artificially coordinated tweets is a common pump-and-dump mechanism, particularly for low-cap tokens where a coordinated buy volume can create rapid short-term price increases visible on charts.
Common red flags
- Account offering to double your crypto if you send an initial amount to a wallet address
- Profile looks identical to a celebrity or executive but was created recently
- DM claiming your account is at risk and directing you to a login link
- Promoted tweet advertising an investment platform with guaranteed high returns
- Multiple accounts replying to a tweet with similar testimonials about the same opportunity
- Link in a tweet goes to a domain that looks like twitter.com but has extra characters
What to do now
- Never send crypto to an address promising to return double — this never happens
- Access Twitter/X account management by navigating directly to x.com rather than clicking email or DM links
- Enable two-factor authentication via Settings > Security and account access
- Report impersonation accounts using the three-dot menu on the profile > Report
- Treat all unsolicited DM links with extreme suspicion regardless of the apparent sender
- File a report with the FTC if you lost money to a Twitter/X-based scam
Frequently asked questions
Does paying for Twitter Blue / X Premium guarantee a legitimate account?
No. The paid verification checkmark indicates only that the account owner has paid a subscription fee; it does not verify the person's identity or that the account belongs to the name displayed. Impersonators can purchase the same checkmark.
What should I do if a hacked celebrity account sent me a crypto giveaway link?
Do not click the link or send any funds. Report the tweet and the account. If you already sent crypto, file a report with the FTC and IC3 — though crypto transfers are rarely recoverable.