If you get a DM on X saying "vote for me," it is a scam. It will ask for your login credentials for X. At that point, kiss you X account goodbye FOREVER, because X will NOT allow you to recover it.
Yes! I got several of the messages. One of them was pissed I had not voted, which was not the character of the person I knew. Then I saw the next one come through as Welcome The Eagle & knew it was a scam. These people have nothing better to do than steal. No common decency, no morals, no ethics and no job skills. Ahhhh sounds like our government.
My dog threw up something that looked like slime and n mouse. Do you sell detox for dogs . 30 pd poodle .no shots but I had sars .vet thinks I'm crazy.
@danstar317603 I would not be too smug if I were you. It's perfectly possible for scammers to create pages that ask you to put in your two factor codes. Codes generally last 30 seconds so it's trivial for scammers to automate a login using the creds you've provided including the two factor code. Only a security key gets around this because a security key sends your two factor code direct to the proper website and won't send it anywhere else. If you're entering codes yourself and you enter them into a scam website 2fa won't help you if they immediately use the code to login. Of course, if they just harvest your credentials to try later then 2fa WILL prevent them getting in, but, from what I understand, these scammers will be straight in, the second you press enter.
Something like this happened a month or two ago to a YouTube account owned by ABS-CBN, The Philippines largest media entertainment and news organization--their YouTube channel has almost 55 million subscribers. It became unavailable for at least two days, except for a related YouTube account for another division outlet that they used temporarily to route some live stream programming to. It was compromised by bitcoin scammers also. Fortunately, they were able to get it restored.
I have one of these in my inbox I couldn’t see where to report so have looked it up, it’s different in name to the ones shown here, I guessed it was a scam as I did click it and when it asked for details I came straight out, let me know if you want a screenshot to help others. Thanks for posting this much appreciated x
Of course, compromising 2FA is always possible but extremely unlikely as it’s much harder unless the user has made big mistakes. FYI some attacks have completely bypassed 2FA in recent years, but it’s still essential and the Google Auth style of setting it up with a QR code and a pin that varies over time is the best, auth by text is not considered reliable in the US.
The lack of response from X suggests to me that this is more than a scam, it is evidence that you have been added to a domestic terrorist watchlist. Nearly everyone who opposed covid mandates were. This is a common harassment technique. Please do some reading at targeted justice dot com, @targetedjustice, and @anatoledo.
I have long wondered what it is about people that they absolutely need to participate in "go-nowhere", chatter on X, Facebook and other such data sucking entities. I have never had any such account and have never missed one, nor have I been bothered by scammers in the way discussed here. As someone else said, social media are the cesspool of human relations.
I was approached and said sorry this looks like a scam because it doesn't make any sense plus it doesn't sound like you. So I responded with NSF... "non-sufficient foundation" to take any action.
Yes! I got several of the messages. One of them was pissed I had not voted, which was not the character of the person I knew. Then I saw the next one come through as Welcome The Eagle & knew it was a scam. These people have nothing better to do than steal. No common decency, no morals, no ethics and no job skills. Ahhhh sounds like our government.
My dog threw up something that looked like slime and n mouse. Do you sell detox for dogs . 30 pd poodle .no shots but I had sars .vet thinks I'm crazy.
I think the lesson is to NEVER ever click on a URL provided by someone else. Especially someone you don't even know.
@danstar317603 I would not be too smug if I were you. It's perfectly possible for scammers to create pages that ask you to put in your two factor codes. Codes generally last 30 seconds so it's trivial for scammers to automate a login using the creds you've provided including the two factor code. Only a security key gets around this because a security key sends your two factor code direct to the proper website and won't send it anywhere else. If you're entering codes yourself and you enter them into a scam website 2fa won't help you if they immediately use the code to login. Of course, if they just harvest your credentials to try later then 2fa WILL prevent them getting in, but, from what I understand, these scammers will be straight in, the second you press enter.
Something like this happened a month or two ago to a YouTube account owned by ABS-CBN, The Philippines largest media entertainment and news organization--their YouTube channel has almost 55 million subscribers. It became unavailable for at least two days, except for a related YouTube account for another division outlet that they used temporarily to route some live stream programming to. It was compromised by bitcoin scammers also. Fortunately, they were able to get it restored.
I have one of these in my inbox I couldn’t see where to report so have looked it up, it’s different in name to the ones shown here, I guessed it was a scam as I did click it and when it asked for details I came straight out, let me know if you want a screenshot to help others. Thanks for posting this much appreciated x
Does enabling second factor auth prevent this from happening?
Those URLs were fairly obviously corrupted, to an IT person.
Yes, it should unless they somehow compromise the second factor.
Of course, compromising 2FA is always possible but extremely unlikely as it’s much harder unless the user has made big mistakes. FYI some attacks have completely bypassed 2FA in recent years, but it’s still essential and the Google Auth style of setting it up with a QR code and a pin that varies over time is the best, auth by text is not considered reliable in the US.
Does someone at least get your vote?
Beware of the scammers on Substack as well!
The lack of response from X suggests to me that this is more than a scam, it is evidence that you have been added to a domestic terrorist watchlist. Nearly everyone who opposed covid mandates were. This is a common harassment technique. Please do some reading at targeted justice dot com, @targetedjustice, and @anatoledo.
I have long wondered what it is about people that they absolutely need to participate in "go-nowhere", chatter on X, Facebook and other such data sucking entities. I have never had any such account and have never missed one, nor have I been bothered by scammers in the way discussed here. As someone else said, social media are the cesspool of human relations.
I was approached and said sorry this looks like a scam because it doesn't make any sense plus it doesn't sound like you. So I responded with NSF... "non-sufficient foundation" to take any action.
I fell pray! I was able to get my account back, however it wasn’t easy.
Steve: thanks for exposing this.
Social media is the cesspool of human relations.
Thanx!