šŸ§  THE MOST SOPHISTICATED PHISHING SCAM YET

Personalized, Polished, and Highly Dangerousā€”Here's What You Need to Know

April 29, 2025

In partnership with

Hiring IT becoming a headache?

IT hiring doesnā€™t have to be a hassle. Let Crossbridge take care of it allā€”from sourcing top talent to seamless onboarding and more. Get fully vetted resumes in just 24 hours, all handled by real people, not algorithms. Experience the Crossbridge difference.

A new, hyper-targeted phishing attack is making rounds on Xā€”and itā€™s unlike anything weā€™ve seen before. Guillermo Rauch shares how he almost got tricked by a highly polished fake X support email that perfectly mimicked an actual content violation appeal.

Hereā€™s How the Scam Works:

  • You receive an email about a "Content Issue" on your X profile.

  • The email includes your username and looks identical to official HTML emails from X.

  • Clicking ā€œReview Detailsā€ redirects you to a fake support site using a sneaky domain (law-x.com instead of law.x.com).

  • The phishing page includes your profile photo, your real post links, and a convincing ā€œSubmit Appealā€ flow.

  • It then asks for your password to proceed.

  • Once you enter your password, the attacker uses a script to start logging in to X on your behalf.

  • You then unwittingly hand over the 2FA code, completing the takeover process.

Read Here šŸ”

X Users Say ā€œScams Are Getting Better!!ā€ šŸ˜¬

Stay sharp, everyone!