Fake ‘Vote for Me’ links on ‘X’ target users

Cyber expert urges users not to click suspicious links

Srinagar, Jul 13: A cyber security expert on Monday warned users of a phishing campaign spreading rapidly on social media platform X, where hackers are using compromised accounts to send fake voting requests aimed at stealing users’ login credentials and taking over their accounts.
Senior Superintendent of Police (SSP), State Investigation Agency (SIA) Kashmir, Tahir Ashraf said users are receiving fraudulent “vote for me” messages from accounts that have already been hacked. He cautioned that clicking on the embedded link could instantly compromise an account.

According to the advisory, once victims click the malicious link and enter their credentials on a fake login page, attackers seize control of the account, change login details, demand payment to restore access, and use the compromised account to send similar phishing messages to friends and followers, allowing the scam to spread further.
The SSP urged users not to trust unexpected voting requests, even if they appear to come from someone they know and advised verifying such requests through another communication channel before clicking any links.
Cyber security experts say such attacks rely on social engineering rather than technical vulnerabilities. Victims are tricked into visiting fake websites that closely resemble legitimate login pages, where their usernames and passwords are harvested by attackers.
“Vote for me” phishing scams have increasingly surfaced on X in recent months, targeting journalists, public figures, businesses and ordinary users alike. Once an account is hijacked, attackers exploit the victim’s trusted contacts to expand the campaign, making the fraudulent messages appear genuine and increasing the likelihood of more users falling victim.