An urgent warning has been issued to millions of people flocking to Bluesky about a dangerous phishing email.
Just yesterday, The Sun revealed how Bluesky newbies were being targeted by expensive – but worthless – application invitations.
2
Listings on eBay showed unnecessary Bluesky invitations going for up to $300 (about £230).
Now experts have told The Sun there's another trick cybercriminals will try, all in a bid to keep you away from your private information or money.
Security expert Adam Pelton told us these digital scammers are prowling like a 'lion' as X (formerly Twitter) users rush to sign up to rival app Bluesky.
“At the moment, people are moving to BlueSky as an alternative to X,” Adam, senior cybersecurity advisor at CyberSmart, told The Sun.
“Cybercriminals will undoubtedly take advantage of this.
“Like a lion tracking a herd of wildebeest, cybercriminals will be watching the migration from one platform to another, ready to pounce.
“We will undoubtedly see fake messages inviting users to BlueSky, along with links that claim to lead there but instead direct users to malicious websites.”
He warned that users need to look out for highly convincing scam emails.
It works by taking advantage of the fact that millions of people have subscribed to Bluesky.
Scammers will send fake “authentication” emails asking users to verify themselves.
The hope is that these emails will reach the inboxes of people who have recently signed up.
Users often expect to receive this type of message after creating an account, so this is the perfect trick.
“In the coming days and weeks, when you receive these communications, it is important to verify their authenticity,” Adam warned.
“You may be contacted by what appears to be BlueSky with a verification link for new users. Be wary of these threats.
Blue Chaos – Don't fall victim to scams!
Here's the official advice from Paul Bischoff, consumer privacy lawyer at Comparitech, speaking to The Sun…
“Although Bluesky remains very quiet at the moment, we may soon see an influx of scammers looking to take advantage of the X exodus.
“Scammers will clone popular X accounts that have not yet been migrated to trick victims into following them. Scammers can then spread spam and scams through fake accounts. Be careful about who you follow!”
“Cybercriminals create malicious phishing Bluesky apps that trick users into installing them.
“This may be particularly annoying for users who do not have access to Google Play or the App Store and are forced to rely on third-party app stores without a rigorous screening and verification process, or in places where Bluesky is censored in the major app stores.
“As with any social media, we will see bots, spam, and phishing. Users can contribute to moderation efforts by reporting these accounts, but they will never completely disappear.”
Image credit: Bluesky Store / Google Play
“Although BlueSky may seem familiar, its newness presents opportunities for cybercriminals to exploit our lack of understanding of the platform.
“They may impersonate BlueSky managers, other authority figures, or even celebrities.”
Bluesky has been seeing a surge in popularity in recent weeks.
The app began in 2019 as an internal project at Twitter, but was spun off in October 2022.
It then launched as an invite-only social media app in February 2023.
In February of this year, Bluesky ended its invitation program – allowing anyone to sign up for free.
So, if you see anyone selling Bluesky invitations, ignore them: it's a complete scam.
“Unfortunately, with popularity comes scammers trying to take advantage of it,” Eric Krohn, security awareness advocate at KnowBe4, told The Sun.
2
“Because BlueSky has only been available by invitation for some time, scammers continue to operate on that information, leading people to pay for invitations even though they are no longer necessary.
“Since people may be in a rush to claim their username or for other reasons, they may not look into the fact that invitations are no longer needed.”
