When someone posts a link on X, the site generates a link preview. But reportedly, this system can be tricked, and bad actors can redirect you to malicious sites from a falsely advertised link preview.

As noted by security researcher Will Dormann, some posts on X purport to lead to a legitimate website, but actually redirect somewhere else. In Dormann’s example, an advertisement posted by a verified X user claims to lead to forbes.com. When Dormann clicks the link, however, it takes him to a different link to open a Telegram channel that is, “helping individuals earn maximum profit in the crypto market,” he said. In short, the “Forbes” link leads to crypto spam

  • r3df0x ✡️✝☪️@7.62x54r.ruEnglish
    1·
    8 months ago

    You can manually set things to be private, but I don’t know if there’s any way to set everything as private by default.

    It has the problem with all Facebook alternatives where they feel like Twitter without post limits.