AI Exploitation on X: Cybercriminals Cashing in With Malicious Links

The Mechanics of Malicious AI Usage

Cybercriminals have found a new method to exploit users on X (formerly Twitter) by leveraging Grok AI. By embedding malicious links in clickbait videos, they prompt Grok with queries like “Where is this video from?” Grok’s response amplifies the link, giving it credibility due to its association with AI. This approach effectively bypasses X’s ad protections, allowing these links to gain SEO value and domain reputation, making them appear legitimate to unsuspecting users.

Risks Involved

Clicking these links can redirect users to Traffic Distribution Systems (TDS) that lead to fake CAPTCHA scams or malware downloads. The attacks exploit user trust in AI responses, particularly in high-traffic threads. Reports indicate that this tactic has contributed to a staggering increase in phishing attacks, with incidents rising by 1,000-1,265% from 2022 to 2025.

According to cybersecurity firm Guardio Labs, hundreds of accounts have engaged in this organized campaign, posting thousands of malicious links until their accounts are suspended. The implications for personal data security are severe: potential exposure of sensitive information and even account takeovers.

AI’s Role in Phishing

AI tools like GPT-4 and others have enabled rapid creation of highly personalized phishing attempts, including deepfake videos and vishing calls. The FBI has highlighted that targeted campaigns now utilize flawless grammar and scraped social data to deceive users. Major platforms such as X, Instagram, and TikTok are seeing a shift towards these hyper-personalized attacks, especially during peak shopping seasons.

The trend marks a significant evolution in phishing tactics, moving from broad, indiscriminate spam to tailored attacks designed to exploit specific vulnerabilities in user behavior.

Platform Responses and Mitigation Strategies

Despite expert warnings, X has downplayed the issue, claiming that the concerns are unfounded. This denial raises questions about the platform’s ability to effectively moderate AI-generated content and protect users. Experts recommend several strategies to mitigate these risks:

• Use antivirus software and enable two-factor authentication.
• Scrutinize AI-generated replies, identifiable by the ‘Grok’ tag.
• Report suspicious posts directly to X.
• Implement real-time content monitoring and behavioral analysis tools.

Traditional filters struggle against the adaptability of these AI-driven scams, necessitating a more proactive defense approach.

Looking Ahead

In the next 6 to 12 months, expect an escalation in AI-driven phishing attacks as cybercriminals refine their techniques. Platforms will likely face increasing pressure to enhance security measures and user education. For SEO professionals and content marketers, adapting to these threats will require vigilance and a shift in strategies to maintain user trust and security.