Washington Post Pokes Holes in Elon Musk’s Twitter Verification Fix by Impersonating a Senator

Tech columnist Geoffrey A. Fowler wrote Thursday how he verified an imposter account for Sen. Ed Markey

Senator Ed Markey impersonated on Twitter
Jemal Countess/Getty Images

Elon Musk and his Twitter have been making headlines yet again this week for a series of layoffs and resignations, but chatter returned Thursday to the embattled CEO’s previous handling of his social media platform’s verification process.

Tech columnist for The Washington Post Geoffrey A. Fowler – for a second time – successfully verified an account impersonating Massachusetts senator Ed Markey.

The account @SenatorEdMarkey has been suspended since Fowler’s op-ed published Thursday, but it adequately served its purpose of exposing the continued pitfalls in Musk’s security measures when Fowler, posing as the senator, went viral on Tuesday after Gisele Fetterman incorrectly tagged him on the platform.

“The problem is, @SenatorEdMarkey is actually me, not the real Sen. Edward J. Markey. It’s a test of Twitter’s $7.99 per month Blue ‘verification’ service I made with the permission of the real Democrat from Massachusetts,” Fowler wrote. “I wouldn’t blame anyone for being confused: My test account has the senator’s name and photo and a blue check mark that says it is ‘verified.’ But Twitter, it seems, isn’t verifying much of anything.”

The columnist explained that while this was his second time making a fake-but-verified account for Sen. Markey, this time there was some added red tape that “might dissuade some impatient impersonators.” But he was still never asked to provide a form of identification through the verification process. After applying on Dec. 12, his @SenatorEdMarkey Twitter account was verified by the end of the year.

“Oops! I did it again,” Fowler teased.

Since Musk announced last Thanksgiving his added measures to protect public figures from being impersonated with a blue check, Twitter Blue has admittedly not fallen back into what Fowler coined as the “impersonation circus” we saw when the CEO first rolled out his free-for-all ability for users to purchase verification.

“Gold check for companies, grey check for government, blue for individuals (celebrity or not) and all verified accounts will be manually authenticated before check activates,” Musk wrote at the time.

While it’s unclear what manual authentication looks like in this case, one of the added hurdles Fowler documented in his column is a 90-day waiting period for accounts to be accepted into verified status; new accounts are not eligible. Additionally, verified accounts are required to link to a phone number before signing up for Blue. “To do that,” Fowler explained, “I visited the T-Mobile store at the mall, and got a 1-month temporary number for $15 — no name or ID required.”

With those two pieces in place, and never having been asked for additional identification such as a photo of his driver’s license, @SenatorEdMarkey was verified in no time.

“As far as I can tell, Twitter has never said what goes into “manually authenticating” an account,” Fowler wrote. “Since Musk bought Twitter, the company also now has a greatly reduced workforce — so it’s not clear who’d be around to do the checking.”

Comments