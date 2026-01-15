BBB serving Greater Kentucky and South Central Indiana warns consumers of a phishing scam that locks users out of their X (formerly known as Twitter) accounts. Once the accounts have been hacked, they are used to promote cryptocurrency and other products.

The scam typically targets accounts with large followings.

Several high profile local figures, including journalists and government officials, have been targeted by scammers.

Noted Kentucky turf writer Jennie Rees recently had her X account hacked.

“Hackers have gotten increasingly clever and insidious. Gone are the days when they were easily spotted by awkward wording, spelling or an outlandish claim. I got a DM on X seemingly from a long-time sports journalism colleague asking if I would vote for him in an online contest to co-host a ‘huge podcast event with Spotify and Google.’ My colleague is in the podcast world, so sure, I wanted to help him out — and clicked on the purported link to vote. And I was infected. I was locked out of my X account, and a post surfaced where I say I bought a new Audi with my crypto earnings. Far worse is that my X contacts began receiving that bogus DM that started it all,” said Rees. “I’m thrilled the BBB is working to raise public awareness of this hacker fraud.”

BBB offers the following tips to help consumers avoid social media scams:

• Understand how social media platforms work. Get to know a social media platform’s policies before using it. For example, X never sends emails requesting login credentials, nor do they send emails with attachments. If you are clear on the platform’s policies and procedures, you’ll be less likely to fall for correspondence from a scammer – even if it looks legit.



• Be wary of unsolicited messages. Be skeptical about out-of-the-blue messages, whether it’s a DM, an email, or a message on a messaging app, especially if they ask you to click on links or open attachments. Instead, go straight to the source – the platform’s official customer service center – to determine if the message is real. Read more about this Facebook phishing scam targeting business pages.



• Look for the signs of a scam. Poor spelling, bad grammar, pressure to act now, demand for payment, and scare tactics are all red flags that indicate a scam.



• Always protect your personal information. Never give a stranger your login credentials or other personal information without verifying their request’s legitimacy. Most reputable companies won’t ask you for your login information.