🚨 ULTIMATE X SECURITY THREAD
the ONLY thread you need to lock down EVERY part of your X account. i review all the methods scammers use & how to easily avoid them!
prevent SIM swaps
remove telemetry
review active logins
manage app permissions
red flags to look out for
BOOKMARK + SHARE LFG
TRUSTED accounts are constantly compromised.. most think "it's not going to happen to me".. until it happens to you.. don't put your followers at risk!
==========
SIM SWAPS
SIM swaps occur when an attacker social engineers your phone provider into moving your phone number onto a SIM they control. once they receive your texts & calls, they can use that number as the recovery/2FA method to get into any account that still relies on it.
SIM swaps can be EASILY prevented if you simply REMOVE your phone number as a recovery/2 factor authentication method from your accounts. it's that simple!
remove it from these 2 places:
settings > your account > account information > remove phone number (make sure you have an email address present prior to removal)
settings > security > 2 factor authentication > remove text/phone method (use software/hardware method instead)
NOTE: you may have to add your phone number to get verified or apply for community notes. it is safe to remove your phone number once you have been verified so that you do not leave your account susceptible to SIM swaps.
the popup that appears once you remove your phone number states "we highly recommend adding a phone number"; THIS IS NOT TRUE & IS A VERY OLD MESSAGE THAT HAS YET TO BE UPDATED - DO NOT ADD A PHONE NUMBER BACK OR YOU OPEN THE DOOR BACK UP FOR SIM SWAPS!
==========
REMOVE TELEMETRY
you are constantly being data mined. you can turn it off! keep your data private! it's in a few places outlined below:
• settings > privacy and safety > content you see > explore settings > turn everything off!
• settings > privacy and safety > discoverability and contacts > turn everything off!
• settings > privacy and safety > ads preferences > turn everything off!
• settings > privacy and safety > inferred identity > turn everything off!
• settings > privacy and safety > data sharing with business partners > turn everything off!
• settings > privacy and safety > location information > turn everything off!
==========
REVIEW ACTIVE LOGINS
do you know who has access or is already in your account? check for & remove unwanted access by accessing session settings outlined below:
• settings > security and account access > apps and sessions > sessions > review this!
• settings > security and account access > apps and sessions > account access history > review this!
• settings > security and account access > apps and sessions > logged-in devices and apps > review this!
• settings > security and account access > connected accounts > review this!
• settings > security and account access > delegate > review this!
• settings > privacy and safety > direct messages > manage encrypted devices > review this!
==========
MANAGE APP PERMISSIONS
over time you may have given apps permission to access your account & forgotten about it. managing which apps still have access to your account is crucial to your account security.
certain apps, whitelists, airdrops, etc. require you to grant permission to your account in order to take part; once that step is done it is important to remove the access, as it's most likely no longer needed.
malicious websites, such as fake Calendly invitations or fake airdrops, often ask you to give full permissions to your account in order to proceed; this is why it's important to READ the website you are on & the permissions you are granting, & to consider whether those permissions are needed at all to begin with.
for example, let's say you have an intern managing your project's account. they get a message from a fake "Forbes Magazine" account to interview the project. the intern clicks the link to set up a meeting. since they did not take a moment to look at the link they were clicking, or at the website they were taken to, they quickly allow the permissions the website is asking for. those permissions just gave the attacker full access to the project account without even having to know its password.
check & remove access:
settings > security and account access > apps and sessions > connected apps > remove permissions for apps that you are no longer using or no longer need
most of the time apps need permission for a single action & can be removed right after. always be sure to READ what permissions you are giving access to when anything prompts to connect to your account.
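the "READ the permissions" and "remove access right after" advice above, turned into a small check. this is an added example, not code from the thread or from X: the scope names are assumed to follow X's OAuth 2.0 naming (tweet.read, tweet.write, dm.write, offline.access, etc.), the "minimal scopes per purpose" policy is constructed, & the connected-app data is made up.

```python
from datetime import date

# ASSUMPTION: scope names follow X's OAuth 2.0 naming; the exact list an app
# shows on its consent screen may differ. These are the ones that let an app
# act as you (post, DM, follow) or keep access after you close the tab.
HIGH_RISK_SCOPES = {
    "tweet.write", "dm.read", "dm.write", "follows.write", "like.write",
    "block.write", "mute.write", "offline.access",
}

# Constructed policy: what each stated purpose genuinely needs.
# Scheduling a meeting needs NO access to your X account at all.
MINIMAL_SCOPES = {
    "schedule a meeting": set(),
    "verify you follow the project": {"users.read", "follows.read"},
    "post on your behalf": {"users.read", "tweet.read", "tweet.write"},
}

TODAY = date(2024, 6, 1)  # constructed "now" so the example is deterministic


def review_consent(app_name, purpose, requested):
    """Compare what a consent screen asks for against what the purpose needs."""
    needed = MINIMAL_SCOPES.get(purpose, set())
    excess = set(requested) - needed          # anything beyond the purpose
    risky = excess & HIGH_RISK_SCOPES         # excess that can act as you
    if risky:
        decision = "deny"
    elif excess:
        decision = "review"
    else:
        decision = "allow"
    return {
        "app": app_name,
        "excess": sorted(excess),
        "high_risk": sorted(risky),
        "decision": decision,
    }


def stale_grants(connected_apps, today=TODAY, max_idle_days=30):
    """Connected apps not used in max_idle_days are candidates for revocation."""
    return sorted(
        name for name, last_used in connected_apps.items()
        if (today - last_used).days > max_idle_days
    )


# Constructed sample: the "interview" link from the example above asks for far
# more than a meeting scheduler could ever need.
FAKE_INTERVIEW_REQUEST = ["tweet.read", "tweet.write", "users.read", "dm.write", "offline.access"]
CONNECTED_APPS = {
    "whitelist checker": date(2024, 1, 10),   # used once months ago, still connected
    "scheduling app": date(2024, 5, 25),
}

if __name__ == "__main__":
    print(review_consent("Forbes interview scheduler (fake)", "schedule a meeting", FAKE_INTERVIEW_REQUEST))
    print(stale_grants(CONNECTED_APPS))
```

the decision logic is deliberately strict: any write, DM or offline.access scope that the stated purpose does not explain is a deny, not a "maybe", because those are exactly the scopes that let a site take over the account without the password.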
==========
RED FLAGS
before responding to a DM or engaging with a post, it's important to check for red flags in order to avoid getting scammed. it may be an account that is imitating an account you are familiar with, or it may be an account you trust that may be compromised at that moment in time.
NO MUTUAL FOLLOWERS
make sure you are following trusted accounts so when you are interacting with anyone there are at least mutual followers in common that you can trust to authenticate the account in question.
ALL POSTS ARE REPOSTS
the user does not have any posts they have made themselves, instead they appear to have activity on their timeline but all the activity is actually from other real accounts, not their own.
COMMENTS ARE DISABLED
any time a post has comments disabled out of the blue, or is stating that comments are disabled to prevent spam, it's a massive red flag; when comments are off users cannot warn others that they are about to interact with a scam.
ACCOUNT JOINED YEARS AGO
the account joined years ago, but its history of posts only goes back a short period of time because all previous activity has been deleted. the account was most likely compromised, taken over, wiped & then used to distribute phishing/scam links, with its large following lending the appearance of legitimacy.
SIMILAR ACCOUNTS
scammers love to mimic display names on X in order to appear as a real account, so performing a search on the display name of an account may reveal that you are actually not interacting with the right account. a quick check goes a long way.
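the red flags above (no mutuals, all reposts, comments off, old account with a wiped history, copied display name) as one checklist you can run over an account's visible details. this is an added example, not code from the thread; the profile records are constructed & the field names are assumptions, not X's API.

```python
import unicodedata
from datetime import date

TODAY = date(2024, 6, 1)  # constructed "now" so the example is deterministic


def normalize_name(name):
    """Fold case, Unicode compatibility forms & decorations so a lookalike
    display name ('Trusted Project ✔') compares equal to the real one."""
    text = unicodedata.normalize("NFKC", name).casefold()
    return "".join(ch for ch in text if ch.isalnum())


def red_flags(handle, profile, trusted, today=TODAY):
    """Return the red flags from the thread that apply to one account."""
    flags = []
    if profile["mutual_followers"] == 0:
        flags.append("no mutual followers")
    posts = profile["posts"]
    if posts and all(p["is_repost"] for p in posts):
        flags.append("all posts are reposts")
    if any(not p["comments_enabled"] for p in posts):
        flags.append("comments disabled on a post")
    if posts:
        oldest = min(p["date"] for p in posts)
        # joined > 2 years ago but nothing visible older than a month: history was wiped
        if (today - profile["joined"]).days > 2 * 365 and (today - oldest).days < 30:
            flags.append("joined years ago but visible history is only days old")
    name = normalize_name(profile["display_name"])
    for t_handle, t_profile in trusted.items():
        if t_handle != handle and normalize_name(t_profile["display_name"]) == name:
            flags.append(f"display name matches trusted account {t_handle}")
    return flags


# Constructed sample data: one account you already trust & two that DM'd you.
TRUSTED = {
    "@trusted_project": {
        "display_name": "Trusted Project", "mutual_followers": 12,
        "joined": date(2019, 6, 1),
        "posts": [
            {"is_repost": False, "comments_enabled": True, "date": date(2021, 3, 2)},
            {"is_repost": True, "comments_enabled": True, "date": date(2024, 5, 1)},
        ],
    },
}
SUSPECTS = {
    "@trusted_projeect": {   # copied display name, old account, fresh wiped history
        "display_name": "Trusted Project ✔", "mutual_followers": 0,
        "joined": date(2018, 1, 15),
        "posts": [
            {"is_repost": True, "comments_enabled": True, "date": date(2024, 5, 20)},
            {"is_repost": False, "comments_enabled": False, "date": date(2024, 5, 30)},
        ],
    },
    "@airdrop_helper_42": {  # brand-new account that only reposts others
        "display_name": "Airdrop Helper", "mutual_followers": 0,
        "joined": date(2024, 5, 1),
        "posts": [
            {"is_repost": True, "comments_enabled": True, "date": date(2024, 5, 2)},
            {"is_repost": True, "comments_enabled": True, "date": date(2024, 5, 3)},
        ],
    },
}


def scan(accounts, trusted=TRUSTED, today=TODAY):
    return {h: red_flags(h, p, trusted, today) for h, p in accounts.items()}


if __name__ == "__main__":
    for handle, flags in scan(SUSPECTS).items():
        print(handle, flags or ["no red flags"])
```

one flag is not proof of a scam, but a copied display name plus zero mutuals plus a wiped history is the pattern the thread describes, & the quick search on the display name is the one check that needs no tooling at all.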
MASKED LINKS
scammers are able to mask links using redirects & forwards, for example making a scam link LOOK like it's going to the official project website. use free tools like http://unshorten.it to see where a link's final destination is, http://virustotal.com to scan the link for threats, or http://browserling.com to render the website in a remote browser window before you open it on your own device once you've confirmed it's safe.
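what an unshortener actually does: follow each redirect one hop at a time & compare the FINAL host against the official domain. this is an added example, not code from the thread or from any of the tools named above; the redirect table is constructed to stand in for the Location headers a real check would collect over the network, & the domains (apart from t.co, X's own shortener) are made up.

```python
from urllib.parse import urlparse

# Constructed redirect table: url -> where it redirects. A live version would
# fill this by sending HEAD requests that do NOT auto-follow redirects and
# reading the Location header of each 3xx response.
REDIRECTS = {
    "https://t.co/abc123": "https://short.example/x",
    "https://short.example/x": "https://trusted-project.com.claim-airdrop.example/login",
    "https://t.co/def456": "https://trusted-project.com/blog/update",
    "https://t.co/ghi789": "https://trusted-project.com@claim.example/connect",
    "https://t.co/loop1": "https://t.co/loop2",
    "https://t.co/loop2": "https://t.co/loop1",
}


def resolve_chain(url, lookup=REDIRECTS, max_hops=10):
    """Follow redirects one hop at a time; stop on a loop or too many hops."""
    chain = [url]
    for _ in range(max_hops):
        nxt = lookup.get(chain[-1])
        if nxt is None:
            return chain, "final"
        if nxt in chain:
            chain.append(nxt)
            return chain, "loop"
        chain.append(nxt)
    return chain, "too_many_hops"


def host_of(url):
    """The real host. urlparse ignores 'user@' tricks: the part before '@'
    is userinfo, not the site you will land on."""
    return (urlparse(url).hostname or "").lower().rstrip(".")


def belongs_to(host, official):
    """True only for the official domain or a genuine subdomain of it;
    'official.com.evil.example' fails because the match must end the host."""
    return host == official or host.endswith("." + official)


def check_link(url, official_domain, lookup=REDIRECTS):
    chain, status = resolve_chain(url, lookup)
    final_host = host_of(chain[-1])
    ok = status == "final" and belongs_to(final_host, official_domain)
    return {
        "chain": chain,
        "status": status,
        "final_host": final_host,
        "verdict": "ok" if ok else "suspicious",
    }


if __name__ == "__main__":
    for link in ("https://t.co/abc123", "https://t.co/def456", "https://t.co/ghi789", "https://t.co/loop1"):
        r = check_link(link, "trusted-project.com")
        print(link, "->", r["final_host"], r["status"], r["verdict"])
```

two of the constructed links are the classic disguises: the official domain as a PREFIX of a longer host, & the official domain placed before an @ so it is only the username part of the URL. both land somewhere else, which is exactly why the final destination, not the text you see, is what needs checking.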
==========
TL;DR
• use a strong, unique, randomly generated password as your first line of defense
• enable software or hardware based 2FA (NOT TEXT/MOBILE BASED)
• ensure your phone number is completely removed from your account to prevent SIM swaps
• remove telemetry so you are not constantly data mined
• check active logins to ensure you are the only one in your own account
• manage app permissions to close off access to third parties
• stay vigilant of red flags
• use an antivirus (like @malwarebytes) to block malware, trojans & other web2 threats
• use @wallet_guard to proactively block wallet drainers & other web3 threats
==========
if you made it this far i want to give you a BIG shout out for caring about security BEFORE you get compromised.
being proactive is essential, especially in web3. these web2 threats bleed into web3, so i will continue creating in-depth threads on exactly what to do to help you stay secure. let's onboard people safely together.
be sure to follow, like, share & bookmark if you haven't done so already!
got a security topic or question you want me to go in-depth on? drop a comment.. stay safe fam!