Twitter has officially rolled out its Twitter Blue program for an $8 monthly fee that confers upon the Tweeter multiple benefits, including the much-sought blue badge.
Whereas previously only accounts of notable personalities and organizations earned the blue tick, it’s now open to anyone willing to pay the monthly fee.
But, all this has led to its own set of problems, such as threat actors now impersonating famous people and still being granted a “verified” status.
Revamping the ‘Lords & peasants’ system
Starting this week, Twitter iOS app users can subscribe to Twitter Blue for $8 a month.
Subscription comes with a variety of benefits including prioritized tweets, fewer ads, the ability to post longer multimedia content, and above all, a “verified” blue badge being added to your profile.
But it appears the rollout hasn’t gone all that smoothly, with Twitter yet to weed out potential abuse of its new verification policy.
For example, a misspelled @RockstarGamse account surfaced alongside the official Rockstar Games Twitter account, according to engineer and YouTube tech influencer Barnacules Nerdgasm.
The fake ‘RockstarGamse’ account was also granted a blue badge as it enrolled in the paid Twitter Blue program:
Here we go again, another verified impersonation account this time for @RockstarGames Keep in mind that @elonmusk was warned this would happen & people like @theh3podcast even proved it by impersonating Elon himself & intercepting thousands of DM’s meant for him! TURN THIS OFF pic.twitter.com/XhRKqJul1K
— Barnacules Nerdgasm Real Pre-Elon Checkmark (@Barnacules) November 10, 2022
A stark distinction so far that separates Twitter Blue accounts with the blue badge from ‘notable’ accounts verified prior to the new policy rollout is the wording contained within the blue badge.
For Twitter Blue accounts, tapping or clicking on the blue badge reads: “This account is verified because it’s subscribed to Twitter Blue.”
Whereas, accounts carrying the legacy blue badge state that these were verified for being “notable in government, news, entertainment, or another designated category.”
Another such instance BleepingComputer came across is a fake “Elon Musk” Twitter account (@WA9ACE) which, at the time of writing, is still live.
The account carries the profile picture, bio and banner copied straight from Elon Musk’s real account and yet managed to receive a blue tick after enrolling in Twitter Blue.
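A brand-monitoring check for the two cases above, as an added example that is not from the original article: it flags a misspelled handle such as @RockstarGamse by edit distance, flags a copied display name such as the fake “Elon Musk” profile, and notes when the badge wording shows a Twitter Blue subscription. The account records, field names and function names are constructed for illustration and do not come from any Twitter API.

```python
# Added example: flag lookalike accounts for a list of protected brands.
# Account records and field names below are constructed, not a Twitter API.
BLUE_WORDING = "subscribed to Twitter Blue"  # badge text quoted in the article

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute, adjacent swap."""
    a, b = a.lower(), b.lower()
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[-1][-1]

def lookalike_findings(account, protected, max_distance=2):
    """Return reasons an account resembles a protected one (empty if none)."""
    findings = []
    for handle, name in protected.items():
        if account["handle"].lower() == handle.lower():
            return []  # this is the genuine account
        dist = osa_distance(account["handle"], handle)
        if dist <= max_distance:
            findings.append(f"handle is {dist} edit(s) from @{handle}")
        if account["display_name"].strip().lower() == name.lower():
            findings.append(f"display name copies @{handle}")
    if findings and BLUE_WORDING in account["badge_text"]:
        findings.append("badge is from a paid subscription, not legacy verification")
    return findings

PROTECTED = {"RockstarGames": "Rockstar Games", "elonmusk": "Elon Musk"}
BLUE = "This account is verified because it's subscribed to Twitter Blue."
LEGACY = "notable in government, news, entertainment, or another designated category"
SAMPLES = [  # constructed records modelled on the accounts named in the article
    {"handle": "RockstarGamse", "display_name": "Rockstar Games", "badge_text": BLUE},
    {"handle": "WA9ACE", "display_name": "Elon Musk", "badge_text": BLUE},
    {"handle": "RockstarGames", "display_name": "Rockstar Games", "badge_text": LEGACY},
]

if __name__ == "__main__":
    for acct in SAMPLES:
        print(acct["handle"], lookalike_findings(acct, PROTECTED))
```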
And it seems the process of impersonating prominent figures on Twitter and procuring a blue tick takes under 25 minutes:
It took me less than 25 minutes to set up a fake anonymous Apple ID using a VPN and disposable email, attach a masked debit card to it (with the address being Twitter’s HQ), and get a verified account for a prominent figure. Just think what a nation-state or bad actor could do…
— Jack Lawrence (@JackMLawrence) November 9, 2022
Price discrimination: How much is the fee?
Researcher Jane Manchun Wong, who frequently uncovers up-and-coming Twitter tweaks, observed two monthly prices for Twitter Blue on the app: $4.99 and $7.99, without it being clear which plan offers what. Others reported seeing fees as low as $2.99.
BleepingComputer also observed dual pricing as of this morning when accessing the Twitter Android app in the United Kingdom, but the screen appears to have been rolled back for British users.
Earlier this month, Musk, who is now Twitter’s CEO, announced plans to roll out the $8 Twitter Blue fee, noting that it will be “adjusted by country proportionate to purchasing power parity.”
Seeing multiple prices for Blue in the same region, however, appears to be more of a technical glitch. And, it’s reasonable to say, you’ve been warned:
Please note that Twitter will do lots of dumb things in coming months.
We will keep what works & change what doesn’t.
— Elon Musk (@elonmusk) November 9, 2022
Musk had earlier vowed to revamp the platform’s verification process, after dissing it as a “lords & peasants system.”
But, Twitter’s new leadership and upcoming policy changes did not sit well with everyone, with many flocking to Mastodon, a decentralized micro-blogging platform.
Following much speculation and chatter surrounding Twitter’s plans of awarding paid blue ticks, phishing actors began targeting verified users.
Other than carrying a “status symbol” perception for some, the blue badge is primarily intended to separate real, authentic accounts of notable people from fraudulent copycat and parody accounts—at least in theory.
Granted, verified accounts can be, and have been, hacked, but the legacy verification process was intended to limit misinformation, in the sense that a tweet originating from a verified account could be regarded as ‘authentic’ and not as coming from someone impersonating a public figure.
The blue badge being rolled out for everyone for a fee makes this distinction slightly harder for users.
Interestingly, users briefly spotted ‘Official’ labels appearing on the verified profiles of known brands and personalities that already contained the blue tick, but these labels disappeared as of a few hours ago after Twitter reversed its stance.
Anyone can get a blue tick mark for $8 but not the badge (“profile”) such as “Official” or “${country} official government account” or “Musician” etc. So This is how they are going to solve the problem of anyone claiming to be “Elon Musk” with a blue tick mark 😉 pic.twitter.com/KtmIe6HKvT
— nixCraft (@nixcraft) November 9, 2022
Without a streamlined verification process that clearly separates authentic notable accounts from imposters, the problems of Twitter’s existing verification sphere are here to stay.