Technology@beehaw.orgEnglish · 1 year ago

[Corp Blog] Twitter Blue to X Phishing Breakout – Gridinsoft Blogs

gridinsoft.com

[Corp Blog] Twitter Blue to X Phishing Breakout – Gridinsoft Blogs

gridinsoft.com

Elephant0991@lemmy.bleh.au to

Technology@beehaw.orgEnglish · 1 year ago

Twitter Blue to X Phishing Breakout – Gridinsoft Blogs

gridinsoft.com

Amid the chaos of Twitter’s transition to the new name – X, scammers have devised yet another deception scheme. They offer Twitter Blue users to transfer their subscriptions to X, but the victim gives the attackers access to their Twitter account instead of moving. Twitter Blue to X Phishing Emails As Twitter’s global rebranding is… Continue reading Twitter Blue to X Phishing Breakout

Summary

Scammers exploit Twitter’s rebranding (transition to name “X”) confusion for phishing.
Twitter Blue users targeted, offered migration to “X,” but scammers gain account access.
Phishing emails seem genuine, appearing to come from x.com and passing the Security Policy Framework (SPF), and include deceptive authorization link, opening a legitimate API authorization screen.
Clicking link grants attackers control over victim’s Twitter account settings and content.
Victims can block access by revoking app authorization in Twitter settings.
Twitter is aware and “working on a solution.”

Article's Safety Recommendations (probably a bit generic and self-promotional)

Being cautious with unfamiliar emails, especially attachments or links.
Verifying URLs by hovering over them.
Not sharing personal info on suspicious/unknown sites.
Be careful with attachments and links.
Using two-factor authentication (2FA) for account security.
Keeping antivirus software updated to prevent malware.

Edited based on comment from: @incogtino@lemmy.zip

Chat

baseless_discourse@mander.xyz
link
fedilink
arrow-up
23·
1 year ago
Safety Recommendations: Quit Twitter.
- incogtino@lemmy.zip
  link
  fedilink
  English
  arrow-up
  13·
  1 year ago
  Ethical phishing: Email Twitter users, steal their credentials, close their accounts
  
  /jk
  - delmain@beehaw.org
    link
    fedilink
    English
    arrow-up
    3·
    1 year ago
    
    /jk
    
    … unless

Technology@beehaw.org

technology@beehaw.org

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@beehaw.org

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community’s icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

438 users / day
1.14K users / week
2.78K users / month
7.76K users / 6 months
1 local subscriber
37.7K subscribers
3.37K Posts
75.2K Comments
Modlog