Hacking. Disinformation. Surveillance. CYBER is Motherboard’s podcast and reporting on the dark underbelly of the internet.
People often get locked out of their online accounts. Sometimes they may have lost access to the email address registered to the account. Or perhaps the site or social network’s process for getting back in is so convoluted or ineffective, like Instagram’s, that people pay thousands of dollars for help from semi-professionals.
This market of third-party account recovery services is a seemingly ballooning industry, with some legitimate players and likely some scams too. And now they’re fighting over potential clients who tweet about their hacked or otherwise inaccessible accounts, using bots to automatically reply to people on Twitter pointing people to their recovery services.
Motherboard used a Twitter account with no followers to tweet “help my account got hacked.” Straight away multiple, apparently automated, accounts replied.
“Dm for immediately recovery,” one wrote in reply to the tweet.
“Reach out [username] on Instagram he is honest and reliable also fast in recovery of hacked, suspended,deleted,band [banned],and disabled account.I think he is the best,” another wrote in their reply.
Do you know anything else about these account recovery services? We’d love to hear from you. Using a non-work phone or computer, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, or email email@example.com.
After a short pause, more accounts replied with similar tips on who to contact for help.
Motherboard then messaged some of the alleged account recovery services that replied and others elsewhere on Twitter, to see what sort of information they requested and what accounts they said they could get back into. One said they offered services for “all social media accounts,” as well as bank and game accounts.
Some of them had immediate red flags, spouting gibberish that they needed $65 to buy a “firewall booster online.” When asked what that is, exactly, the account said “It’s a 3D injection tool online which we use to reset account network is fast would be done within 45min.” This, on the face of it, was a scam. They asked for payment in Bitcoin, Ethereum, or via Zelle, PayPal, or Cash App.
Another said they required the hacked account’s login details and a screenshot of it. As Motherboard has reported, some effective account recovery services do ask for their clients usernames and passwords. But, there is a risk of exposing your account further if the person does manage to get in, or perhaps not provide the account back to you as agreed.
There are also apparent Twitter bots replying to people who tweet that they need to gain access to their Coinbase or other cryptocurrency account. Of course, if a service did manage to get back into such an account, they may be tempted to keep any cryptocurrency for themselves, if possible.
Various site’s account recovery practices can be pretty lackluster and hard to navigate, but contacting companies directly is still the safest way to start. If you’re going to reach out to random service online, just be aware it might be a scam.
Subscribe to our cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.