Skip to main content

New phishing campaign targets Twitter Blue users amid X rebrand confusion

Web Hosting & Remote IT Support

A new phishing campaign is targeting Twitter Blue subscribers amid the social media platform’s messy transition to X, and the consequences could be catastrophic.

Twitter owner Elon Musk and new CEO Linda Yaccarino hope that the platform will soon become X, but the transition has been anything but smooth, with rebranding at the HQ going, well, not to plan. Furthermore, the discrepancy between the website and mobile apps is giving some users a complete headache.

Hoping to capitalize on this confusion, one threat actor is offering Twitter Blue subscribers to transfer their membership to X, but all this does is give the cybercriminal access to a user’s entire Twitter account.

Twitter Blue/X phishing emails

To an unsuspecting target, the email looks to come from a legitimate source, with the display name showing ‘sales@x.com.’ The email passes SPF authentication checks despite actually coming from mailing list platform Sendinblue (now known as Brevo). 

Read more

> These are the best malware removal tools around

 > Watch out - that unexpected Microsoft alert could well be a phishing attack

 > Google Docs phishing scams are on the rise - here's what you need to know

A screenshot of the email posted by Twitter user @fluffypony claims that a victim’s “existing subscription is nearing its expiration and requires migration,” with a link directing users to a completely legitimate API authorization page. The fact that it’s legitimate means that, upon approval, the threat actor then has access to a user’s Twitter account.

Along with a few view-only capabilities, the API allows the threat actor to amend follwers, update profile and account settings, post and delete Tweets, engage with other Tweets, and more.

Fortunately, revoking API access is fairly easy on Twitter, by navigating to Settings > Security and account access > Apps and sessions > Connected apps.

Checking these settings is generally a good idea whether you have been targeted by this phishing attack or not, purely in the interest of good Internet hygiene. For those not quick enough to disable the dodgy service, it’s unclear what the result could be. In the worst-case scenario, they could be locked out of their account with any manner of activity going on, in which case they may want to consider using identity theft protection software.



via Hosting & Support
Labels:

Comments

Post a Comment

Web Hosting
Remote IT Support
Sites & Socials
Computing Handbook - $9.95

Popular posts from this blog

Hacking Huawei Modems

Post a Comment
Read more

Report: Android's desktop mode might allow future tablets to double as computers

Web Hosting & Remote IT Support Back in April , evidence surfaced online revealing that Google was working on improving Android's desktop mode. Early demos show it’ll be more user-friendly than before by having movable windows, although it still lacks vital features. Since then, we haven’t heard much about the project until recently, when it popped up again in the “latest Android 15 Beta 4.1 release”. Android expert Mishaal Rahman discovered that Android’s feature may work on a tablet – provided it has a big enough display. In the build, he states that if you go to the device’s 'Recents' view and open the dropdown menu for an app, you will see a new button called “Desktop.” Tapping said button causes whatever app you were on to turn into a free-floating window. From here on, it behaves similarly to a browser on Samsung's New DeX system. The app can be minimized, maximized, attached to the side, or connected to another window. Down at the bottom is a taskbar
Post a Comment
Read more