The Kenya Revenue Authority (KRA) has confirmed that its official X (formerly Twitter) account, @KRACare, has been compromised and renamed “StandsX.” The authority has cautioned members of the public against engaging with the account, warning that any messages or posts originating from it are fraudulent.
In a statement released on Friday, KRA urged Kenyans not to share personal information or send money to anyone claiming to represent the agency through the compromised account. “Members of the public are strongly warned not to engage, share personal information, or send money to any messages or posts from this account, as they are fraudulent,” the statement read in part.
KRA confirmed that it has already launched urgent recovery efforts in collaboration with X (formerly Twitter) to retrieve and secure the official handle. The authority assured the public that official updates will only be shared through verified KRA communication channels while the recovery process is ongoing.
The statement further advised users seeking assistance to contact KRA through its official Facebook page or WhatsApp line (0711 099 999). The agency thanked the public for their understanding and cooperation as it works to restore normal operations on the affected platform.
This incident comes amid a growing wave of cyberattacks targeting verified government and corporate social media accounts, underscoring the importance of multi-layered online security for public institutions.
