The Kenya Revenue Authority (KRA) has issued an urgent warning to the public after its official customer care X (formerly Twitter) account, @KRACare, was hacked and renamed to @Standx_Officiel.
In a statement released on Friday, October 31, the tax authority revealed that hackers had taken over the account — which boasts more than 339,000 followers — and were using it to target unsuspecting Kenyans. The Authority cautioned the public against sharing personal information, engaging with the posts, or sending money to any individuals claiming to represent KRA through the compromised account.
“The official KRACare X account has been hacked and its handle changed to ‘StandsX’. Members of the public are strongly warned not to engage with posts on the account as they are fraudulent,” KRA stated.
KRA confirmed that it was working closely with the management of X to recover and secure the account. In the meantime, Kenyans were urged to rely on verified communication platforms for any official updates.
“You can still reach us here on Facebook or via WhatsApp 0711 099 999,” KRA assured.
A spot check by Kenyans.co.ke showed that the hacked account’s last genuine post was made on Thursday, October 30, urging Kenyans to uphold integrity and report unethical practices through the whistle.kra.go.ke portal.
The KRACare account, created in February 2014, has been a vital customer care channel for tax-related inquiries. It differs from KRA’s main corporate X account, which currently has around 122,000 followers.
This incident adds KRA to a growing list of Kenyan parastatals targeted by hackers in 2025, including the Directorate of Criminal Investigations (DCI), Kenya Broadcasting Corporation (KBC), and the Business Registration Service (BRS).
KRA has reaffirmed its commitment to restoring the account and protecting taxpayers from online scams.
