FFCheck
Category overview
NLEN
Brand monitoring · 2 active imitations

Phishing imitations of X (Twitter)

Phishing domains impersonating X (Twitter). Stay alert: X (Twitter) never asks for your DigiD, PIN or login credentials via SMS or email.

2
Active dossiers
5 days ago
Last detected
15 May
Updated
How does X (Twitter) phishing work?

What is a X (Twitter) phishing imitation?

Scammers register domains that look like x.com (with extra words, hyphens or a different extension) and build a fake login page. Victims typically receive an SMS, email or WhatsApp message linking to such a fake domain.

How do you spot a fake X (Twitter)?

Check for unusual domain spellings, requests for personal data or PIN codes, and unusual payment or login requests. Real X (Twitter) never asks for your credentials or PIN via SMS or email.

What does X (Twitter) do against phishing?

Official organisations like X (Twitter) work with hosting providers and the Dutch Fraudehelpdesk to take phishing domains offline. Reporting a domain to Fraudehelpdesk speeds up the process.

Known x (twitter) dossiers (2)
x.vodxz.icu
malware_download5 days ago
refid-x.pav3lorex.surf
malware_download5 days ago
Frequently asked questions

How many X (Twitter) reports does FFCheck have?

We currently have 2 active dossiers in this category. The list updates hourly via URLhaus, OpenPhish and user reports.

How is this data collected?

FFCheck combines real-time threat feeds (URLhaus, Spamhaus DBL, Google Safe Browsing) with technical analysis of each domain and anonymous user reports.

Can I report a suspicious domain myself?

Yes. Paste the domain into the search bar at the top. We generate a safety dossier instantly and you can share your experience anonymously below.

Official resources
Fraudehelpdesk.nl →
National fraud reporting centre (NL)
Politie.nl →
Report online fraud (Dutch police)
Consumentenbond.nl →
Consumer advice on fraud (NL)
Opgelicht.npo.nl →
Dutch TV programme archive