- By Vikas Yadav
- Sun, 30 Jul 2023 02:49 PM (IST)
- Source: JND
Elon Musk's social media platform X recently drew attention for its logo change and branding overhaul. While the rebrand was in the spotlight in media reports, it is now being used as a pretext for phishing attacks on X Blue subscribers. First pointed out by @fluffypony on the microblogging platform earlier this week, the issue has come to the notice of the Twitter team, which is working "on it".
X Blue Email Scam: How Does It Work?
According to the post by the user, this clever X Blue phishing email "appears to come from x.com". It is sent via a customer relationship management (CRM) platform, which lets the mail bypass spam filters. While it might seem to originate from "sales@x.com", a closer look reveals that it was sent "via sendinblue.com", a mailing list platform.
The email's subject line reads: "Preserve your status. Transition smoothly."
The email proposes that a Blue subscriber smoothly migrate to X from Twitter Blue and avoid losing the checkmark. It is linked to a URL that seems genuine at first glance. This link redirects a user to an application programming interface (API) authentication screen that asks the user to "Authorise" the app to access their account.
If a user clicks on "Authorize app", the fake service gains access to manage their account.
X Blue: How to be safe?
If you have clicked on the button, here's what to do next to ensure you do not lose access to your account.
Step 1: Head to 'Settings' of X
Step 2: Find 'Security and account access'
Step 3: Locate 'Apps and sessions' and 'Connected apps'
Step 4: From here, find the suspicious Twitter app and tap/click 'Revoke app permissions'
Taking cognisance of the matter, an X engineer posted: "We are on it."
In the future, make sure to cross-check the sender's address and look for errors in the email. Also, do not click on links in suspicious emails.
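The sender cross-check advised above, and the "sales@x.com" sent "via sendinblue.com" mismatch described earlier, can be automated by comparing the visible From domain with the domains that actually sent or signed the message. The Python sketch below is an added example, not part of the original report; the sample headers are constructed (only the From address, the platform domain and the subject come from the article), and the subdomain comparison is a simplified stand-in for full DMARC alignment.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample headers (not the real phishing mail): the visible From
# claims x.com, while envelope sender and DKIM signer are the mailing platform.
SAMPLE = """\
From: X <sales@x.com>
Sender: bounce@sendinblue.com
Return-Path: <bounce@sendinblue.com>
DKIM-Signature: v=1; a=rsa-sha256; d=sendinblue.com; s=mail; bh=placeholder; b=placeholder
Subject: Preserve your status. Transition smoothly.
To: user@example.com

Body omitted.
"""

def domain_of(header_value):
    """Return the lowercase domain of an address header, or '' if absent."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def aligned(a, b):
    """Simplified alignment: same domain, or one is a subdomain of the other."""
    return bool(a and b) and (a == b or a.endswith("." + b) or b.endswith("." + a))

def sender_mismatches(raw):
    """Return (from_domain, [(header, domain), ...]) for every sending or
    signing domain that does not align with the visible From domain."""
    msg = email.message_from_string(raw)
    from_dom = domain_of(msg["From"])
    findings = []
    for name in ("Sender", "Return-Path"):
        dom = domain_of(msg[name])
        if dom and not aligned(from_dom, dom):
            findings.append((name, dom))
    for sig in msg.get_all("DKIM-Signature", []):
        m = re.search(r"(?:^|;)\s*d=([^;\s]+)", sig)  # d= tag names the signer
        if m and not aligned(from_dom, m.group(1).lower()):
            findings.append(("DKIM d=", m.group(1).lower()))
    return from_dom, findings

if __name__ == "__main__":
    from_dom, findings = sender_mismatches(SAMPLE)
    for header, dom in findings:
        print(f"From is {from_dom} but {header} is {dom}")
```

A mismatch alone does not prove phishing, since many legitimate senders use mailing platforms, but combined with an unexpected request to authorise an app it is a strong reason not to click.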
