Twitter enables this through not checking the account in a URL... a simple fix would be to actually respect the Twitter URL components, if the account doesn't match the linked tweet, don't redirect...
Right now you can spoof (just as far as the URL displayed in an anchor tag) the account to be whatever you like:
Example:
https://twitter.com/elonmusk/status/1745190441539293271
This will redirect you to the following, but as content within a tweet, it will look like a legit post from Elon. Crypto-scams are using this in every single post.
https://twitter.com/ElonMuskAOC/status/1745190441539293271
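One way to implement the check proposed above, as an added example that is not part of the original post and is not Twitter's code: the handle in the path must own the tweet id, otherwise the request gets a 404 instead of a redirect. The function name, the host list, the handle pattern and the in-memory author table are assumptions made for illustration; the only data used is the pair of URLs quoted in the post.

```python
import re
from urllib.parse import urlsplit

# Constructed sample data: tweet id -> handle of the account that posted it
# (taken from the two URLs in the post). A real service would query its datastore.
TWEET_AUTHORS = {"1745190441539293271": "ElonMuskAOC"}

# Assumed set of hosts that serve status URLs.
STATUS_HOSTS = {"twitter.com", "www.twitter.com", "mobile.twitter.com", "x.com"}
# Assumed path shape: /<handle>/status/<numeric id>, optional trailing slash.
STATUS_PATH = re.compile(r"/([A-Za-z0-9_]{1,15})/status/(\d{1,20})/?")


def route_status_url(url, authors=TWEET_AUTHORS):
    """Return (http_status, detail) for a status URL.

    200: the handle in the path owns the tweet; detail is the canonical path.
    404: malformed URL, unknown tweet, or handle/author mismatch.
    A mismatch is never redirected to the real author's URL, so a link
    that displays one account cannot resolve to another account's tweet.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if parts.scheme != "https" or host not in STATUS_HOSTS:
        return 404, "not a status URL"
    match = STATUS_PATH.fullmatch(parts.path)
    if match is None:
        return 404, "not a status URL"
    handle, tweet_id = match.groups()
    author = authors.get(tweet_id)
    if author is None:
        return 404, "unknown tweet"
    # Handles are compared case-insensitively; any other difference is a mismatch.
    if handle.lower() != author.lower():
        return 404, "handle does not match tweet author"
    return 200, f"/{author}/status/{tweet_id}"


if __name__ == "__main__":
    for handle in ("elonmusk", "ElonMuskAOC"):
        url = f"https://twitter.com/{handle}/status/1745190441539293271"
        print(url, "->", route_status_url(url))
```
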