Watch Out for This New Phishing Scam on X/Twitter

The online world can be a stressful place when it comes to protecting your data.

The new verification system on X/ Twitter is still causing problems for users, as blue-check scammers have been found to target customer service complaints on the platform.

X has been through its fair share of controversy since the tumultuous take over by Elon Musk in October 2022. The perplexing name change, the X sign fiasco, and the refusal to pay rent of all marred the transition, sending users and advertisers to other competitors.

Now, it looks like the blue check debacle isn’t even completely solved yet, as phishing attempts have been prevalent thanks to the paid-for verification system.

How the Scam Works

Reaching out to brands via X has become a common trend in recent years, with the public attention sometimes getting customer service reps to respond faster to urgent requests. However, this new scam takes advantage of this trend by responding in order to phish valuable information from unsuspecting users.

It starts with the scammer responding to customer service requests, disguised as the brand in question. What makes the scam so believable is that scammers can now purchase an $8 per month blue check from Twitter, making it seem like they are a legitimate source of customer service.

Surfshark logo🔎 Want to browse the web privately? 🌎 Or appear as if you're in another country?
Get a huge 86% off Surfshark with this special offer.See deal button

Once you’ve started a conversation, the scammer (still disguised as the brand) will request contact and financial information to provide you with a refund to your card. Unfortunately, there is, of course, no refund. Instead, your information will be used to steal money or simply sold to third parties on the dark web.

How to Avoid Getting Scammed

One of the impersonated companies responded to The Guardian when asked for comment, explaining the best way to avoid falling victim to this scam:

“If there are ever any doubts about the legitimacy of a request, customers should always err on the side of being safe and contact our official customer service team. If a customer does opt to contact us using Twitter, they should always check they are using our verified account which has a gold badge to indicate authenticity.” – a spokesperson for

There are a few ways to protect yourself from phishing scams in general too. For starters, always verify where you are sending money or financial information before you click the button. Also, keep an eye out for spelling mistakes, grammatical errors, and other clear indicators that you aren’t speaking to a legitimate business.

How to Protect Yourself Online

Generally speaking, the online world can be a stressful place when it comes to protecting your data. There are, unfortunately, a lot of nefarious actors out there attempting to use digital illiteracy to make a quick buck.

Fortunately, there are some tools that you can use at your business to ensure that your team is as secure as possible. After all, you don’t want to get hacked and have a financial hit of, on average, more than $10 million for a data breach.

The best place to start is a VPN, which can help encrypt your team’s internet traffic, even in secured databases from your company. On top of that, a good password manager can ramp up your security in a big way, particularly considering most data breaches stem from poor password security.

Simply put, being vigilant when it comes to online security is your best bet, but a little bit of help can go a long way in shoring up your defenses.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at

Written by:
Conor is the Lead Writer for For the last six years, he’s covered everything from tech news and product reviews to digital marketing trends and business tech innovations. He's written guest posts for the likes of Forbes, Chase, WeWork, and many others, covering tech trends, business resources, and everything in between. He's also participated in events for SXSW, Tech in Motion, and General Assembly, to name a few. He also cannot pronounce the word "colloquially" correctly. You can email Conor at
Explore More See all news
Back to top
close Building a Website? We've tested and rated Wix as the best website builder you can choose – try it yourself for free Try Wix today