this post was submitted on 09 Aug 2023
20 points (100.0% liked)

Technology

37360 readers
219 users here now

Rumors, happenings, and innovations in the technology sphere. If it's technological news or discussion of technology, it probably belongs here.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
20
[Corp Blog] Twitter Blue to X Phishing Breakout – Gridinsoft Blogs (gridinsoft.com)
submitted 11 months ago* (last edited 11 months ago) by [email protected] to c/[email protected]
6 comments fedilink hide all child comments
 

Summary

  • Scammers exploit Twitter's rebranding (transition to name "X") confusion for phishing.
  • Twitter Blue users targeted, offered migration to "X," but scammers gain account access.
  • Phishing emails seem genuine, appearing to come from x.com and passing the Security Policy Framework (SPF), and include deceptive authorization link, opening a legitimate API authorization screen.
  • Clicking link grants attackers control over victim's Twitter account settings and content.
  • Victims can block access by revoking app authorization in Twitter settings.
  • Twitter is aware and "working on a solution."

Article's Safety Recommendations (probably a bit generic and self-promotional)

  1. Being cautious with unfamiliar emails, especially attachments or links.
  2. Verifying URLs by hovering over them.
  3. Not sharing personal info on suspicious/unknown sites.
  4. Be careful with attachments and links.
  5. Using two-factor authentication (2FA) for account security.
  6. Keeping antivirus software updated to prevent malware.

Edited based on comment from: @[email protected]

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 11 months ago (2 children)

This is a great short analysis, but I think the generic recommendations are a bit strange when tacked onto it

Firstly, who knows what to expect from the Twitter X changeover. If I had a blue subscription I wouldn't not (!) expect to get an email about migrating considering the chaos so far

Then the email is verified as coming from Twitter, and sends you to the genuine Twitter API. No amount of 2FA or antivirus is going to save you here

[–] [email protected] 2 points 11 months ago (1 children)

You're right. Edited.

[–] [email protected] 3 points 11 months ago

Cool cool, definitely not criticising, and a great article to post

I think the weakness of the article was mentioning that the email passed the Security Policy Framework (i.e. appeared to legitimately be from x.com) without discussing why this is possible and who is responsible for it not happening

They even say in bold that 'the primary responsibility less with the end user', but in this case even careful users could easily be caught