- A phishing campaign is aimed at X users, experts warn
- Fake login emails are sent to the victims
- The goal is to take over accounts and promote a fraudulent crypto scheme
High-profile accounts on the social media network X (formerly known as Twitter) are targeted by a phishing campaign, experts have warned.
A report from SentinelLabs outlined how prominent accounts belonging to US political figures, major tech organizations, leading international journalists and even an X employee have been attacked through a phishing campaign.
Although the primary targets are large accounts with a high follower count, everyone should be on the lookout for this attack. Here’s what we know so far.
Economic goals
In its report, SentinelLabs notes that the goal of the attack is to compromise an account, lock out the legitimate owner and post fake cryptocurrency offers or links to external sites designed to ‘lure further targets’, most often with a crypto-theft related theme.
The attack appears to use a number of phishing tactics, one of which is the notorious login notification. This works by sending the victim an email notifying them that their account was accessed from a new device, located in a foreign city.
From there, the user is given a link to ‘secure’ their account by entering their username and changing the account password. This page is fake, and victims who follow it have unwittingly handed their credentials to a threat actor.
The campaign uses multiple phishing domains for this, such as X-Recoversupport[.]com and Securelogins-X[.]com, and in some cases researchers observed the campaign abusing Google’s ‘AMP cache’ domain to bypass email detections and redirect the user to a phishing domain.
The criminal then takes over the account and starts using its audience to advertise cryptocurrency scams. High-profile accounts let criminals maximize their financial gain by reaching a wider audience and collecting more victims.
Crypto fraud is incredibly dangerous, and lucrative: the FBI recently assessed that in 2024 alone, such scams cost victims more money than ransomware.
Staying safe
To avoid such fraudulent schemes, investors must be extremely careful that their investment is legitimate. The cryptocurrency market is largely unregulated, making it the perfect environment for scammers and criminals, so be sure to investigate any investment thoroughly before handing over your data or money.
The most important part of this attack is the initial phishing email. Social engineering attacks like phishing are dangerous because they catch users off guard, so staying alert is the best defense.
Phishing attacks cause victims to reveal personal information such as login credentials, financial information and more. This puts victims at risk of identity theft or fraud.
It is true that some platforms will email you if there is an unknown login from a new device, which is what makes this campaign so convincing. It’s easy to say that users need to be extra careful, but sometimes that’s just not enough, so here are some extra tips to stay protected.
First, create a strong and secure password and never reuse passwords between services; this helps to quarantine any account that has been breached.
Then activate multifactor authentication, or MFA, especially for services that hold medical or financial information. While this may be a bit of a faff, it is a big extra layer of security and gives you peace of mind knowing that criminals would have to work much harder to access your data.
Another thing to watch for is inconsistent or suspicious domains. Be wary if you receive an email you did not expect, especially one that asks for action and includes a link. Check the spelling of the domain, e.g. Faceb00k rather than Facebook. It’s never a bad idea to Google what the legitimate domain should be.
The last thing to look for is strange attachments: if the sender is unknown and the email contains links, pictures or documents, that is a red flag. QR codes are especially dangerous, so do not scan anything you are not sure is safe.
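The two detection points the article raises, the AMP cache wrapper used to hide the real destination and the lookalike or brand-bearing domains behind a "secure your account" link, can be checked mechanically before anyone clicks. The script below is an added example written for this article, not SentinelLabs' tooling or anything from X: it unwraps the two publicly documented Google AMP URL shapes (the `www.google.com/amp/s/<host>/...` viewer and the `<host-with-dashes>.cdn.ampproject.org/c/s/<host>/...` cache), then compares the final domain with an allowlist of the brand's real domains. The allowlist, the homoglyph table and the sample URLs are assumptions constructed for the demo; the two defanged phishing domains are the ones quoted in the article.

```python
"""
Triage of links found in "new login from a new device" style emails.

Added illustration, not part of the article or any vendor's product.
Unwraps Google AMP viewer/cache wrappers, then flags destinations that
are not the brand's real domains, digit-for-letter lookalikes, or
unrelated domains that embed the brand name as a label.
"""
from __future__ import annotations

import re
from urllib.parse import unquote, urlsplit

# Domains X would legitimately send a login alert to (assumed allowlist).
LEGIT_DOMAINS = {"x.com", "twitter.com"}

# Digit-for-letter swaps commonly used in lookalike domains (faceb00k -> facebook).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})


def refang(url: str) -> str:
    """Turn the defanged notation used in reports (hxxp, example[.]com) back into a URL."""
    return url.replace("[.]", ".").replace("hxxp", "http")


def unwrap_amp(url: str) -> tuple[str, bool]:
    """Return (destination_url, was_wrapped).

    Documented Google AMP shapes:
      https://www.google.com/amp/s/<host>/<path>                      (AMP viewer)
      https://<host-with-dashes>.cdn.ampproject.org/c/s/<host>/<path>  (AMP cache)
    The 's/' segment marks an https origin; without it the origin is http.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    path = parts.path
    if host == "www.google.com" and path.startswith("/amp/"):
        inner = path[len("/amp/"):]
    elif host.endswith(".cdn.ampproject.org") and path.startswith("/c/"):
        inner = path[len("/c/"):]
    else:
        return url, False
    scheme = "http"
    if inner.startswith("s/"):
        scheme = "https"
        inner = inner[2:]
    return f"{scheme}://{unquote(inner)}", True


def registrable_domain(host: str) -> str:
    """Last two labels of the host; adequate for .com-style TLDs (no public-suffix list here)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def triage(url: str, legit: set[str] = LEGIT_DOMAINS) -> dict:
    """Classify one link: final host, registrable domain and reasons to distrust it."""
    reasons: list[str] = []
    target, wrapped = unwrap_amp(refang(url))
    if wrapped:
        reasons.append("amp-cache-wrapper")  # real destination was hidden behind Google
    host = (urlsplit(target).hostname or "").lower()
    domain = registrable_domain(host)
    if domain in legit:
        return {"host": host, "domain": domain, "suspicious": bool(reasons), "reasons": reasons}
    reasons.append("domain-not-in-allowlist")
    # Lookalike check: undo digit-for-letter swaps and see if a real domain appears.
    normalised = domain.translate(HOMOGLYPHS)
    if normalised != domain and normalised in legit:
        reasons.append("homoglyph-lookalike")
    # Brand keyword check: x-recoversupport.com, securelogins-x.com.
    first = domain.split(".")[0]
    brands = {d.split(".")[0] for d in legit}
    if any(re.search(rf"(^|-){re.escape(b)}(-|$)", first) for b in brands if first != b):
        reasons.append("brand-keyword-in-unrelated-domain")
    return {"host": host, "domain": domain, "suspicious": True, "reasons": reasons}


if __name__ == "__main__":
    # Constructed sample links; the two defanged domains are quoted in the article.
    for link in (
        "https://x.com/settings/security",
        "hxxps://X-Recoversupport[.]com/login",
        "https://www.google.com/amp/s/securelogins-x.com/recover",
        "https://securelogins-x-com.cdn.ampproject.org/c/s/securelogins-x.com/recover",
    ):
        print(link, "->", triage(link))
```

Run it as a filter over the URLs extracted from a suspect message: a `domain-not-in-allowlist` verdict on a "secure your account" link is the cue to open the site by typing the known address yourself rather than following the email, and an `amp-cache-wrapper` verdict on a login alert is itself worth a closer look, since a platform's own security notice has no reason to route through a third-party cache.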