US Markets
Home›US Markets›Sectors›Scam emails impersonate X login alerts to steal passwo…
Scam emails impersonate X login alerts to steal passwords
The fraud attempts to push victims to reset credentials via links that point to fake pages and can log them out of active sessions, helping scammers gain control for further fraud.
Fraudsters are targeting X accounts with convincing fake login alerts that warn of a “new device” sign-in and prompt users to reset their password or review app access, according to guidance highlighted by Guardian Business.
The article says the message style and X branding can closely mimic legitimate notifications, but red flags include the email address it comes from and details like whether the email includes the correct account handle or provides specific, believable login information.
It also notes that the advice X would normally provide, such as logging users out of other active sessions and letting them revoke unfamiliar app access, is being used to sell a false outcome, with links in the scam email leading to pages designed to capture passwords or approvals.
Once scammers gain access, the report says they are likely to use the compromised account for additional fraud, including crypto scams, phishing attacks, and misinformation campaigns.