A fairly polished attempt. My number one cybersecurity rule is never follow links I didn’t just request (ie within a few minutes for password reset…). Even then I always look at the sender’s full email address and review urls at each step.
I logged in to X, and changed it from there. Actually didn't remember having an X account until then. Changed my password to Elon is a stupid fucking dipshit. Please do feel free to take my account if anyone likes.
Ha! The obvious flag that reveals this as a phishing attempt is the fact that X doesn’t give two shits about complaints about the content on their platform (because let’s face it, the more troublesome the content is, the higher the engagement)
None of the original post indicates that are still posting on Twitter.
Even if the email was legitimately from twitter (it's not, it's phishing) it could relate to an old post.
To steal personal information that they can sell, to have a real looking account they can use to advertise scams or perv on people, etc. There's a few reasons. People suck.
Unlikely. He has no need to steal user passwords on his own website. From what I heard, he's got cronies walking into government offices and installing new servers on their networks.
Yeah, the "monitor multiple timelines" text was the first clue for me, since it didn't make sense given the context. The URL is a giveaway of course, but I hadn't checked that yet.
We'll probably learn next week that Musk was so addled by ketamine that he accidentally registered the domain x-merb and then forced the Twitter team to use it so no one would know it wasn't intentional.
You could have avoided clicking any links at all in that message by just looking at the domain the email was sent from. Just clicking links can scrape data and cause problems. Always more secure to go directly to the platform/company in question rather than clicking ANYTHING in questionable emails.
Hey there! I just launched my product on Product Hunt, and I’d really appreciate your support with an upvote! 😊
Here’s the link: https://www.producthunt.com/products/palify
For anyone confused about what's going on here, look carefully at the domain on the sender's email address and the URL where the link took him.
This is a phish attack -- an attempt at stealing account credentials.
If you ever get emails from companies that seem odd, always check the sender email address and the URL of any links in the email, especially if they want you to click a button link and log in.
Comments
Even if the email was legitimately from twitter (it's not, it's phishing) it could relate to an old post.
> You use to have Standards but no longer do so this is now irrelavent
-Trust Me Bro
😂😂
Everybody knows that X has no community standards whatsoever.
Here’s the link: https://www.producthunt.com/products/palify
Thanks so much for checking it out!
This is a phish attack -- an attempt at stealing account credentials.