{"id":24560,"date":"2018-11-13T12:02:06","date_gmt":"2018-11-13T17:02:06","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=24560"},"modified":"2019-11-15T06:32:16","modified_gmt":"2019-11-15T11:32:16","slug":"twitter-cryptocurrency-scams","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/twitter-cryptocurrency-scams\/24560\/","title":{"rendered":"Twitter cryptocurrency scams: A hundred Elon Musks \u2014 and now Target"},"content":{"rendered":"<p>\u201cWe are celebrating and giving away N bitcoins to our fans! Just transfer 0.01 BTC to the wallet below and we\u2019ll return 0.1 BTC!\u201d That\u2019s what an average cryptocurrency scam looks like.<\/p>\n<p>Of course, once you\u2019ve transferred your cryptocurrency to the specified wallet, no one is going to pay you back. Those who posted the tweets were just scammers looking for easy money (and it\u2019s rather hard to catch them; bitcoin provides some degree of anonymity). Who is going to fall for that? Actually, a lot of people \u2014 if the scam is presented to them by someone they trust.<\/p>\n<h3>A short history of Twitter cryptocurrency scams<\/h3>\n<p>Cryptocurrency scams first came to light when scammers pretending to be Elon Musk, CEO of SpaceX and Tesla, claimed to be giving away Ethereum for whatever reason, be it the launch of the new SpaceX rocket or the production of yet another Tesla car.<\/p>\n<p>Elon Musk uses Twitter quite a lot for PR and communication, and he has more than 20 million followers. The scammers created accounts that borrowed his avatar and his name, as well as similar Twitter handles (say @elonmask instead of @elonmusk). Then, using these accounts, they replied to his original posts, promoting fake giveaways so that they looked like they came from Musk himself \u2014 unless, of course, you were paying close attention.<\/p>\n<p>The technique worked, and cryptocurrency scams started gaining momentum. 
At some point, Twitter even <a href=\"https:\/\/www.huffingtonpost.com\/entry\/twitters-lock-elon-musk-name-nazi-ban-possible_us_5b5f268ce4b0b15aba9b25c1\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">started preemptively banning accounts that changed their name to Elon Musk<\/a>.<\/p>\n<p>Scammers then moved on to exploiting other Twitter celebrities such as Bill Gates, Pavel Durov (creator of vk.com and Telegram), Vitalik Buterin (creator of Ethereum cryptocurrency), and more. They also used bots that shared spam links, followed other fake accounts, and produced retweets and likes to promote those cryptocurrency scams. Researchers from Duo Security <a href=\"https:\/\/www.kaspersky.com\/blog\/hunting-twitter-bots\/23437\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">discovered a large network of these bots<\/a> that were following, liking, and retweeting each other.<\/p>\n<p>At some point, scammers started hijacking verified accounts, using them to increase their posts\u2019 persuasiveness. When yet another \u00c6lon M\u00fcsk announced yet another crypto-giveaway, it looked significantly more convincing if verified accounts commented positively on it, claiming to have received their bitcoins. For example, recently hacked accounts include ones belonging to the Indian consulate in Frankfurt and to a consulting company called Capgemini.<\/p>\n<p>Some scammers tried renaming other hacked verified accounts to look like Elon Musk (using the letter \u201co\u201d in Cyrillic or similar to keep Twitter from noticing and banning them) and using them to announce cryptocurrency scams and to add to the scams\u2019 legitimacy.<\/p>\n<h3>The latest tech: Ads from verified accounts<\/h3>\n<p>In this stage of the cryptocurrency scam evolution, perpetrators began replacing tweets with Twitter ads posted in the name of verified (but fake) accounts of the sort discussed in the previous section. 
It makes sense: Twitter ads have no comments, so there\u2019s no way to warn potential victims.<\/p>\n<p>And now, cryptocurrency scammers have <a href=\"https:\/\/twitter.com\/gcluley\/status\/1062301244646154241\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">gone even further<\/a>. Their latest technique makes those scams even more convincing. Recently, they compromised Target\u2019s Twitter account \u2014 but instead of posting a normal tweet (which would be spotted quickly by Target\u2019s employees and followers), the scammers decided to run an ad promoting their cryptocurrency scam.<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2018\/11\/14003404\/twitter-cryptocurrency-scams-target-1.jpg\"><img decoding=\"async\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2018\/11\/14003404\/twitter-cryptocurrency-scams-target-1.jpg\" alt=\"An ad from official Target's account promoting cryptocurrency giveaways\" width=\"1500\" height=\"1268\" class=\"aligncenter size-full wp-image-24587\"><\/a><\/p>\n<p>It looked really convincing:<\/p>\n<ul>\n<li>It was an official ad;<\/li>\n<li>It was from Target\u2019s official, verified account.<\/li>\n<\/ul>\n<p>Target is unlikely to be the last victim of this kind of attack, so stay alert and don\u2019t trust any cryptocurrency giveaways, no matter who\u2019s promoting them.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"ksc-trial-generic\">\n<h3>Update, November 15<\/h3>\n<p>Just as we predicted, Target was not the last victim: Somebody <a href=\"https:\/\/twitter.com\/olihough86\/status\/1062429109664522240\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">has compromised<\/a> the Twitter account of Google\u2019s G Suite collaboration and productivity apps and used it for the very same purpose, publishing ads for yet another cryptocurrency scam.<\/p>\n<p>It\u2019s also noteworthy that people from communities not related to 
IT and tech are starting to see cryptoscams as well. Malefactors have hacked the Twitter accounts of an Italian tennis player, cosmetics store The Body Shop, a Spanish university sports team, and many more.<\/p>\n<p>That brings us to another piece of advice. If you have a Twitter account (especially a verified one), take the time to think about its security: Make sure that you have a long and unique password and that you\u2019ve enabled two-factor authentication. You can read more about <a href=\"https:\/\/www.kaspersky.com\/blog\/twitter-security\/11860\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">how to set up Twitter securely in this post<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Twitter cryptocurrency scams are becoming more and more advanced and convincing, with scammers using new techniques and some heavy artillery.<\/p>\n","protected":false},"author":675,"featured_media":24580,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,2683],"tags":[2640,726,513,422,83],"class_list":{"0":"post-24560","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-threats","9":"tag-cryptocurrencies","10":"tag-scam","11":"tag-social-engineering","12":"tag-threats","13":"tag-twitter"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/twitter-cryptocurrency-scams\/24560\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/twitter-cryptocurrency-scams\/14601\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/twitter-cryptocurrency-scams\/12222\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/twitter-cryptocurrency-scams\/5981\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/twitter-cryptocurrency-scams\/16530\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/twitter-
cryptocurrency-scams\/14738\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/twitter-cryptocurrency-scams\/13653\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/twitter-cryptocurrency-scams\/17321\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/twitter-cryptocurrency-scams\/16579\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/twitter-cryptocurrency-scams\/21664\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/twitter-cryptocurrency-scams\/11156\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/twitter-cryptocurrency-scams\/11081\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/twitter-cryptocurrency-scams\/10037\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/twitter-cryptocurrency-scams\/18100\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/twitter-cryptocurrency-scams\/21980\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/twitter-cryptocurrency-scams\/17599\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/twitter-cryptocurrency-scams\/21474\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/twitter-cryptocurrency-scams\/21472\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/scam\/","name":"scam"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/24560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/675"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=24560"}],"version-history":[{"count":10,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/24560\/revisions"}],"predecessor-version":[{"id":29593,"hr
ef":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/24560\/revisions\/29593"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/24580"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=24560"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=24560"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=24560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}