this post was submitted on 09 Aug 2023
34 points (100.0% liked)


Summary

  • Scammers exploit Twitter's rebranding (transition to name "X") confusion for phishing.
  • Twitter Blue users targeted, offered migration to "X," but scammers gain account access.
  • Phishing emails seem genuine, appearing to come from x.com and passing the Security Policy Framework (SPF), and include a deceptive authorization link, which opens a legitimate API authorization screen.
  • Clicking link grants attackers control over victim's Twitter account settings and content.
  • Victims can block access by revoking app authorization in Twitter settings.
  • Twitter is aware and "working on a solution."

Article's Safety Recommendations (probably a bit generic and self-promotional)

  1. Being cautious with unfamiliar emails, especially attachments or links.
  2. Verifying URLs by hovering over them.
  3. Not sharing personal info on suspicious/unknown sites.
  4. Be careful with attachments and links.
  5. Using two-factor authentication (2FA) for account security.
  6. Keeping antivirus software updated to prevent malware.

Edited based on comment from: @incogtino@lemmy.zip

[–] baseless_discourse@mander.xyz 23 points 11 months ago (2 children)

Safety Recommendations: Quit Twitter.

[–] incogtino@lemmy.zip 13 points 11 months ago (1 children)

Ethical phishing: Email Twitter users, steal their credentials, close their accounts

/jk

[–] delmain@beehaw.org 3 points 11 months ago

/jk

... unless