When someone posts a link on X, the site generates a link preview. But reportedly, this system can be tricked, and bad actors can redirect you to malicious sites from a falsely advertised link preview.

[As noted by security researcher Will Dormann](https://twitter.com/wdormann/status/1769946620479562100 "(opens in a new window)"), some posts on X purport to lead to a legitimate website, but actually redirect somewhere else. In Dormann's example, an advertisement posted by a verified X user claims to lead to [forbes.com](http://forbes.com/ "(opens in a new window)"). When Dormann clicks the link, however, it takes him to a different link to open a Telegram channel that is, "helping individuals earn maximum profit in the crypto market," he said. In short, the "Forbes" link leads to crypto spam

  • dynamojoe@lemmy.worldEnglish
    15·
    1 year ago

    I need a firefox plugin that blocks Twitter. Not tweets from blue checkmarks, the whole damn site.

    • AtmaJnana@lemmy.worldEnglish
      13·
      1 year ago

      I have Nitter Redirect installed, but Nitter stopped working. So it just blackholes all X links. Some day I'll add them to my pihole, I guess.

    • 4am@lemm.eeEnglish
      8·
      1 year ago

      PiHole can block any domain you want. AdGuardHome has a handy switch in the UI that does it for you.

    • oce 🐆@jlai.luEnglish
      8·
      1 year ago

      PrivacyBadger blocks embedded tweets, so since you're probably not going to visit the website itself, it should do the trick.

      • Agrivar@lemmy.worldEnglish
        6·
        1 year ago

        Plus, it has the added benefit of drawing attention to how many "articles" on other sites are just a long string of embedded tweets.