New phishing campaign targets Twitter Blue users amid X rebrand confusion

News
By published

Twitter Blue users told to watch out for new X scam

X logo and Twitter logo with arrows showing swap
(Image credit: Shutterstock ID 2336591191)

A new phishing campaign is targeting Twitter Blue subscribers amid the social media platform’s messy transition to X, and the consequences could be catastrophic.

Twitter owner Elon Musk and new CEO Linda Yaccarino hope that the platform will soon become X, but the transition has been anything but smooth, with rebranding at the HQ going, well, not to plan. Furthermore, the discrepancy between the website and mobile apps is giving some users a complete headache.

Hoping to capitalize on this confusion, one threat actor is offering Twitter Blue subscribers to transfer their membership to X, but all this does is give the cybercriminal access to a user’s entire Twitter account.

Twitter Blue/X phishing emails

To an unsuspecting target, the email looks to come from a legitimate source, with the display name showing ‘sales@x.com.’ The email passes SPF authentication checks despite actually coming from mailing list platform Sendinblue (now known as Brevo). 

Read more

> These are the best malware removal tools around

> Watch out - that unexpected Microsoft alert could well be a phishing attack

> Google Docs phishing scams are on the rise - here's what you need to know

A screenshot of the email posted by Twitter user @fluffypony claims that a victim’s “existing subscription is nearing its expiration and requires migration,” with a link directing users to a completely legitimate API authorization page. The fact that it’s legitimate means that, upon approval, the threat actor then has access to a user’s Twitter account.

Along with a few view-only capabilities, the API allows the threat actor to amend follwers, update profile and account settings, post and delete Tweets, engage with other Tweets, and more.

Fortunately, revoking API access is fairly easy on Twitter, by navigating to Settings > Security and account access > Apps and sessions > Connected apps.

Checking these settings is generally a good idea whether you have been targeted by this phishing attack or not, purely in the interest of good Internet hygiene. For those not quick enough to disable the dodgy service, it’s unclear what the result could be. In the worst-case scenario, they could be locked out of their account with any manner of activity going on, in which case they may want to consider using identity theft protection software.

Craig Hale
Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

Read more
Smartphone with new logo X twitter app background. Application twitter old blue bird change X black and white new.
Phishing campaign targets prominent X users, accounts at risk
Fraude en ligne phishing
Google forced to step up phishing defenses following ‘most sophisticated attack’ it has ever seen
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
These fake GitHub "security alerts" could actually let hackers hijack your account
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
Microsoft authentication system spoofed via phishing attack
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
Everything you need to know about phishing
A TV remote pointing at YouTube logo
YouTube warns of phishing video using its CEO as bait
Latest in Pro
cybersecurity
What's the right type of web hosting for me?
Security padlock and circuit board to protect data
Trust in digital services around the world sees a massive drop as security worries continue
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
construction
Building in the digital age: why construction’s future depends on scaling jobsite intelligence
Latest in News
L-mount alliance
Sirui joins L-Mount Alliance to deliver its superb budget lenses for Leica, DJI, Sigma and Panasonic cameras
Security padlock and circuit board to protect data
Trust in digital services around the world sees a massive drop as security worries continue
Samuel and Romy standing very close together in A24's Babygirl movie
Everything new on Max in April 2025, including A24's Babygirl and The Last of Us season 2
An AMD Radeon RX 9070 XT made by Sapphire on a table with its retail packaging
AMD’s secret weapon against Nvidia seems to be stock – way more RX 9070 GPUs are rumored to be hitting shelves than RTX 5000 models
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
Seth Milchick and Kier Eagan's animatronic speaking in Severance season 2 episode 10
Apple TV+ announces Severance has been renewed for season 3 after that devastating finale
More about pro
Uperfect 23.8-inch dual foldable display

This is the largest dual-screen monitor I've ever seen, and at almost 24 inches each, it's bigger than a 43-inch super wide display
Apple Mac Studio

Apple Mac Studio M3 Ultra workstation can run Deepseek R1 671B AI model entirely in memory using less than 200W, reviewer finds
Nvidia Quantum-X and Spectrum-X Silicon Photonics

Nvidia is planning post-copper 1.6Tbps network tech to connect millions of GPUs as it unveils photonics networking gear at GTC 2025
See more latest
Most Popular
Nvidia Quantum-X and Spectrum-X Silicon Photonics
Nvidia is planning post-copper 1.6Tbps network tech to connect millions of GPUs as it unveils photonics networking gear at GTC 2025
Uperfect 23.8-inch dual foldable display
This is the largest dual-screen monitor I've ever seen, and at almost 24 inches each, it's bigger than a 43-inch super wide display
Apple Mac Studio
Apple Mac Studio M3 Ultra workstation can run Deepseek R1 671B AI model entirely in memory using less than 200W, reviewer finds
The cover art for popular Max TV shows shown in a collage
Max has been adding some of Prime Video's most annoying features but also a load of better upgrades
AMD Instinct MI355X Accelerator
AMD signs huge multi-billion dollar deal with Oracle to build a cluster of 30,000 MI355X AI accelerators
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
Gemma staring at something off-camera in Severance season 2 episode 10
'Everyone is going to be so torn': Severance star Dichen Lachman reacts to the popular Apple TV+ show's most 'intense' season 2 finale event
L-mount alliance
Sirui joins L-Mount Alliance to deliver its superb budget lenses for Leica, DJI, Sigma and Panasonic cameras
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Security padlock and circuit board to protect data
Trust in digital services around the world sees a massive drop as security worries continue