Medium riskSocial Media Scams

X Verification Scam

An X verification scam reaches you through a direct message or email pretending to be from X, formerly Twitter. It either offers a verification badge or warns that your account will lose verification or be suspended unless you confirm your details. The link leads to a fake login page designed to steal your username and password, which can then be used to take over or impersonate your account.

Quick verdict

Risk level
Medium risk
Scam type
Account phishing scam
Main red flag
A DM or email about getting, keeping, or losing your verification badge that pushes you to confirm via a login link.
What to do first
Do not use the link. Open X yourself and check any notices in the app's official settings or help area rather than the message.

What this scam usually looks like

An X verification scam reaches you through a direct message or email pretending to be from X, formerly Twitter. It either offers a verification badge or warns that your account will lose verification or be suspended unless you confirm your details. The link leads to a fake login page designed to steal your username and password, which can then be used to take over or impersonate your account.

Example message pattern

Example pattern — not a real report
Example pattern: "X Support: Your account has been flagged for review. To keep your verified badge and avoid suspension, confirm your account details here within 24 hours: [unfamiliar link]"

This is a fictional, anonymised example used to illustrate the pattern. It is not a verified real message, and any names are used only to show how the scam typically reads.

Red flags to watch for

  • A message claiming you must "confirm" your account to gain, keep, or avoid losing verification.
  • A link to a login page rather than instructions to check settings inside the X app.
  • The sending account or email address is not the official X support channel, despite using its name and logo.
  • Urgency such as a 24 hour deadline before suspension or loss of the badge.
  • The login page web address does not match X's official domain.

What to do

  • Open the X app or type the official site address yourself and check for any genuine notices in settings.
  • Verify the badge and account status through X's official help resources rather than a message link.
  • Inspect the sender's profile or email address carefully, as impersonation accounts often use slight misspellings.
  • Report and block the account or message, then delete it once you have confirmed it is not genuine.

If you already clicked or replied

  • If you entered your X password, change it immediately and sign out of all active sessions.
  • Turn on two-factor authentication using an app or security key for stronger protection.
  • Review your connected apps and remove anything you do not recognise.
  • Check your profile, posts, and DMs for changes, and warn followers if your account may have been used to message them.

What not to do

  • Do not enter your X login on a page you reached from a DM or email link.
  • Do not share two-factor codes with anyone, even if they claim to be X support.
  • Do not pay anyone who promises to get you verified faster outside the official process.

Similar scams

High risk Social Media

Instagram Verification Scam

This scam offers a blue verification badge or warns your account is at risk, then links to a fake login page that steals your password.
High risk Social Media

Facebook Business Page Scam

This scam targets page owners with a message or email posing as Facebook or Meta, claiming a policy violation or that the page will be unpublished. A fake 'appeal' or 'verify business' link steals the admin's login.
Medium risk Social Media

Celebrity Impersonation DM Scam

This scam uses a direct message from an account posing as a celebrity or public figure to build a personal connection with a fan, then asks for money, gift cards, a 'membership fee', or details for a fake meet-and-greet or giveaway.

Frequently asked questions

Does X contact people by DM to confirm verification?
Be cautious with any DM that asks you to confirm details through a link to keep or gain a badge. Account checks and verification are handled inside the platform, so it is safer to verify status through the official app settings or help pages rather than a message.
Can I really lose my verification if I do not click within 24 hours?
The countdown is a pressure tactic designed to make you act before thinking. A genuine change to your account would be visible in the app itself, so check there directly instead of trusting a deadline pushed in a DM or email.
The sender's name and logo matched X exactly. Could it still be fake?
Yes. Display names, profile pictures, and logos are easy to copy, and scammers often use handles or email addresses that are slightly off. Appearance alone does not confirm an account is official, so verify through the app rather than the message.
I entered my password on the linked page. What now?
Change your X password straight away, sign out of all sessions, and enable two-factor authentication. Review connected apps and recent activity, and let your followers know if the account may have sent messages without your knowledge.

Last reviewed: June 2026

Disclaimer: This page provides educational information only to help you recognise common scam patterns. It is not legal, financial, cybersecurity, or law enforcement advice, and it does not confirm whether any specific message, company, or person is genuine or fraudulent. When in doubt, contact the official organisation directly and report concerns to your local authorities.