Roj SnookFeb 20, 2025
Panic

🎣 Reel phishing! Our (unused) Twitter account got an email that some of our tweets had violated terms of service and our account was being deleted. The page was convincing, flagged two of our tweets that had images, and with the chaos of X, the URL seemed plausible!

But…

Feb 20, 2025 at 6:25pmWeb
Show threadPanicFeb 20, 2025

…yeah, it was just phishing for our password to "resolve" the issue. How did we confirm this?

By changing the username at the end of the URL, the site would make a brand new "report" for whatever account it was pointed at. lol.

I bet they got a lot of passwords!

Show threaddigitalfoxFeb 20, 2025

@panic Tricky, indeed… Thanks for sharing!

One of those two fake reports has a decent chance of being (or soon being) legitimate, too. 

Show threadJason Anthony GuyFeb 20, 2025
@panic One more reason to use a password manager: If my password doesn’t fill, it’s probably not the real site…. Attention gets turned up to 11.
Show threadMattFeb 20, 2025
@panic Someone really wants your handle. 
Show threadnetop://ウィビFeb 20, 2025
@panic Hah! And this is what's at the URL.