Bluesky is greater than ever. As the new social media platform experiences rapid growth, it’s undergoing a period of growing pains. As scammers and impersonators seize upon the influx of newcomers, Bluesky’s vulnerability to fraudulent activity is starkly highlighted by its absence of a standardized verification process, leaving a window of opportunity for malicious actors to exploit.
According to Alexios Mantzarlis, director of the Safety Belief and Security Initiative at Cornell Tech, a recent evaluation revealed that 44% of the top 100 most-followed accounts on Bluesky were replicated by “doppelgangers”, with many mimicking larger accounts down to identical bio and profile images.
Unlike many of its peers, which provide checkmarks and official badges to authorities officers, celebrities, and other high-profile accounts, Bluesky adopts a more laissez-faire approach to verification. Rather than relying on customers to self-verify notable accounts by using a customised username as their address, the corporation promotes proactive account authentication through alternative methods.
Engadget has reportedly partnered with Bluesky. When verifying our account, we may opt to modify it to Engadget.com instead. Some media organizations, such as CNN and Al Jazeera, have carried out this initiative on their official social media accounts. Individuals can also verify this information through a secure online platform.
The process of modifying one’s approach proves to be significantly more challenging than simply revising their correspondence. Entities are also required to update the DNS document relevant to their region. While this approach can prove an intelligent solution to verification, with only the site’s precise owner able to access the DNS document, it also presents a multitude of drawbacks. This certification program, though valuable, is not universally available to individuals seeking verification. Offers personalized domain names for customers without a pre-existing domain.
While verification procedures are indeed sophisticated for those seeking to link multiple accounts within the same region, it’s puzzling why this level of scrutiny isn’t similarly applied to journalists on Bluesky, whose reports are arguably just as critical in ensuring the accuracy and reliability of information? While Bluesky’s research implies that organizations may benefit from seeking assistance from their IT departments in this regard.
There are different points. Once modified to align with a new site, your outdated alias – previously unavailable due to the change – becomes accessible again, such as engadget.bksy.social. To avoid confusion, you’ll need to create a fresh email address to reclaim your old domain, or risk an imposter hijacking the existing one. Despite adding a customised area, this does not provide foolproof protection against impersonation. A skilled fraudster could potentially create a convincing impersonator profile in a seemingly identical online environment and then “verify” their fake identity.
Bluesky’s lack of visual cues makes verifying an account’s status a challenge, as no distinct indicators—such as a verification badge—are provided for verified accounts, leaving users to rely solely on the title.
Some Bluesky customers have resorted to devising their own temporary solutions to mitigate the issue. Hunter Walker, a seasoned investigative journalist and one of the earliest adopters of Bluesky, has taken the initiative to personally verify numerous high-profile accounts, including , in order to ensure the accuracy and integrity of his reporting. As of now, he has successfully verified more than 330 individuals, including prominent figures such as Congresswoman Alexandria Ocasio-Cortez, rapper Flavor Flav, entrepreneur Mark Cuban, and legendary singer-songwriter Barbra Streisand.
In an interview with Engadget, Walker emphasizes his rigorous journalistic standards, stating that he always verifies information through multiple credible sources before sharing any details. I prefer to confirm that it’s been verified. As I engaged with Bluesky, I couldn’t shake the feeling that, at its core, everything remained uncertain?
In the span of just a couple of weeks, Walker has invested approximately 16 hours in meticulously verifying accounts. While his approaches vary depending on the individual, he typically employs a tactic that involves contacting someone affiliated with the target person through a formal channel, such as an organizational email address. Celebrities’ representatives often have the authority to authenticate their clients’ authentic BlueSky profiles.
“I’ve consistently outsmarted numerous scammers and impostors, yet you never truly know who to rely on,” Walker notes. While some common journalists may indeed possess three to four impersonators, it’s worth noting that this assertion is not without controversy. They require an additional step, which isn’t necessarily related to verifying their identity through a website.
Walker curates starter kits comprising vetted journalist and influencer profiles. Recently, he elevated his verification process by collaborating with someone to develop a personalized solution that could add various emojis to accounts he’s verified, making his “verified” indicator more distinctive. Subscribers to our service will notice that certain profiles are denoted by 😎 for celebrities and public figures, as well as 🌐 for journalists.
While such initiatives may serve as temporary measures, Walker will be unable to verify every prominent account on Bluesky personally. Wouldn’t diverse groups, such as academics and researchers from various colleges, independently initiate informal fact-checking processes? Without assistance from Bluesky or a third-party identification service, he anticipates that impersonation will persist as an issue.
Widespread impersonation on Bluesky can lead to far-reaching consequences, potentially compromising the integrity of the platform and its users’ experiences. “Misaligned verification processes can be a harbinger of larger deception and a magnet for sophisticated disinformation operatives,” stated Cornell Tech’s Mantzarlis, highlighting that Vice President Kamala Harris had 20 impersonator accounts on Bluesky despite not having an official presence on the platform.
However, Bluesky has publicly acknowledged that impersonation is indeed a significant issue. This week, the corporation noted a predictable surge in harmful online content, which aligns with its ongoing expansion. According to a press release issued to Engadget, Emily Liu, a spokesperson for Bluesky, stated that the company has “quadrupled” its moderation team, enabling it to handle impersonation review complaints more expeditiously. Liu noted that Bluesky is exploring “simpler, more prominent alert options” to enhance the user experience, though specific details remain unclear.
While Bluesky currently operates with a modest team of 20 full-time staff members, its hesitation to explore alternative verification strategies beyond proprietary domains is notable. “We’ve collaborated discreetly with prominent entities, including official organizations and influential figures such as celebrities and elected officials, to secure verification of their social media profiles on Bluesky in conjunction with their official websites,” Liu stated. “With domain-based verification, our goal is to empower organizations by placing the tools for verification directly into their hands, thereby avoiding a scenario where Bluesky becomes the sole gatekeeper for verifying identities on the network.”
Bluesky’s reluctance to take on the role of verifier is understandable in many respects. Verification has a complex and convoluted history across various platforms. On Twitter, an emblem originally designed to combat impersonators swiftly transformed into a symbol of solidarity. On Instagram, verification has historically been abused by scammers. Corporations across various social media platforms allow customers to purchase verified blue checkmarks, while also proactively verifying certain types of accounts, such as those belonging to government officials.
Despite her initial reservations, Bluesky CEO Jay Graber has left the door ajar for alternative verification methods. During a recent Twitch livestream, she hinted that her employer might eventually become a “verification provider,” sparking speculation about a potential future system featuring multiple verification suppliers. Graber left unclear when a scenario like this might unfold, her timeline uncertain.
Walker, reiterating his agency’s perception that “Bluesky has the juice,” hopes that his verification effort will prompt Bluesky to adopt a different approach. I’m actually hoping that individuals take note of the queries surrounding belief and identity. “The flexibility of open-source development offers a unique chance to shape the project’s direction, allowing us to craft our vision and create something tailored to our needs.”
