Twitter Blue to X Phishing Breakout – Gridinsoft Blogs

gridinsoft.com

Summary

  • Scammers exploit confusion over Twitter's rebranding (the transition to the name "X") for phishing.
  • Twitter Blue users targeted, offered migration to "X," but scammers gain account access.
  • Phishing emails seem genuine, appearing to come from x.com and passing the Security Policy Framework (SPF), and include a deceptive authorization link that opens a legitimate API authorization screen.
  • Clicking the link grants attackers control over the victim's Twitter account settings and content.
  • Victims can block access by revoking app authorization in Twitter settings.
  • Twitter is aware and "working on a solution."

Edited based on comment from: @incogtino@lemmy.zip
