Twitter Family Tree is actually a secret scam to take control of your account.

DeFodi Images via Getty Images

A new meme on Twitter where users tweet their “Twitter family tree” has secretly allowed the API of a seedy website to access your account and follow other accounts without your knowledge.

What happened?

A website called roundyear.fun became popular with many Twitter users for its tool of showing you your “Twitter family tree,” which is actually just some of your most interacted accounts on a family tree diagram. In particular, a user discovered the true origin of the accounts that appear on your family tree:

  • Parents: Top 2 accounts with the most likes from you.
  • Spouse: Account with the most interactions.
  • Children: Two accounts in your last replies.

While it sounds fun and cute, it really is a scam to take control of your Twitter account without you knowing. When they click the website, a prompt will appear asking users to sign in with their Twitter account. The “Publish a tweet with your result” option will be selected automatically.

A login page for roundyearfun.org, maker of Twitter Family Tree.

The login prompt for Twitter users who want to build a Twitter family tree.

From: Roundyearfun.org

So what?

After logging into their API and giving them access to your Twitter, the Twitter family tree website can:

  • View tweets from your timeline (including protected tweets), as well as your lists and collections.
  • View your Twitter profile information and account settings.
  • View accounts you follow, mute, and banned.
  • Follow and unfollow accounts for you.
  • Update your profile and account settings.
  • Post and delete tweets for you, and get involved on tweets posted for you by others (like, un-like, or replying to a tweet, retweet, etc.).
  • Create, manage and delete lists and collections for you.
  • Mute, lock, and report accounts for you.

This affects many levels and poses an imminent security threat to anyone who has fallen victim to this fraud. What seems to be happening is this website is tracking accounts from your account and then muting them so you don’t see them in your feed. This is a sneaky way to take control of a Twitter account without the user suspecting something wrong has happened. There is also a risk that more action will be taken in the future, and this is just the beginning.

A website called Affinitweet has a similar, non-seedy API that allows users to play fun games and get interesting stats about their account. In 2020, they shed light on Round Year Fun’s tactics, making this Twitter family tree trend not the first time they have abused the privacy and account security of Twitter users.

What is likely happening here is what is referred to as “mega” in social media growth circles. Ordinary people who want to grow their Twitter account in unconventional and often sketchy ways pay a media growth service or agency to get followers. Often times, this service is untruthful or secret about how they add to your account and uses tactics like these to get you real followers.

“Help! I did this. How do I secure my Twitter account from the Twitter family tree?”

Fortunately, if you’re reading this article, you will still have time to save your account and stop giving Round Year Fun access. Here is a tweet that has the instructions on how to secure your Twitter account by revoking access in Settings:

It’s important to learn that these often fun-sounding Twitter and Facebook games are usually schemes for collecting data or controlling your social media accounts for the benefit of others. It is advisable to research such a trend beforehand and also to read the access you give a website on Twitter.