The authority said it has immediately launched efforts, in collaboration with X, to regain control of the account and restore its security.
The Kenya Revenue Authority has confirmed that its official X account, @KRACare, has been compromised, with the handle now appearing as “StandsX.”
The development has prompted urgent warnings to the public to exercise caution and avoid engaging with messages or posts from the account, which could now be used for fraudulent purposes.
In a statement posted on its verified corporate X account, KRA urged members of the public not to share personal information, click on links, or send money in response to any posts from the hacked account.
“Members of the public are strongly warned not to engage, share personal information, or send money to any messages or posts from this account, as they are fraudulent,” the statement read.
The authority said it has immediately launched efforts, in collaboration with X, to regain control of the account and restore its security.
Until this is resolved, official updates will be provided through verified KRA communication channels, including Facebook at https://facebook.com/KRACare and WhatsApp via 0711099999.
Cybersecurity experts note that attacks of this nature are increasingly common, often targeting public-facing accounts to exploit trust and extract personal or financial information from unsuspecting users.
Hackers typically gain access through phishing attacks, weak or reused passwords, and sometimes through insider access.
Once they control an account, they can impersonate the organization, post malicious links, and scam followers.
In some cases, attackers use automated scripts to send messages or post content that appears legitimate, making it difficult for casual users to identify the threat.
The change of handle, as seen with “StandsX,” is a classic technique to obscure the account’s original identity while keeping followers engaged until the hack is discovered.
KRA’s swift response reflects growing awareness of the reputational and operational risks posed by social media breaches.
The authority’s reliance on verified channels for communication highlights the importance of cross-checking any unusual posts before taking action, particularly when personal or financial information is requested.
Members of the public are advised to monitor their own accounts for unusual activity, avoid clicking on suspicious links.
Cybersecurity specialists recommend the use of two-factor authentication, unique passwords and regular monitoring of account access to prevent such incidents.
KRA has assured Kenyans that it is treating the matter as a top priority and will provide updates as soon as the official account is secured.
"Official updates will be shared through verified KRA communication channels," the authority said.
