Beware cryptocurrency “giveaways” from “blue tick” Twitter accounts
Verified accounts apparently belonging to celebrities on Twitter are often seen promoting Bitcoin giveaways where Twitter users can allegedly double their Bitcoin amount. But as is often the case online, if it appears too good to be true, it probably is. This is how these scams work and how to spot them.
If you login to Twitter and see Elon Musk’s official account tweeting about giving away free cryptocurrency, you’d probably be very tempted to take part. After all, Elon Musk isn’t some lowly cyber scammer that’s going to take your money and run for the hills. And it’s not like he needs to go around stealing money from the average Internet user. He is, after all, one of the wealthiest people on the planet.
So you see Elon Musk’s Twitter account posting about a cryptocurrency giveaway, and since you know that anyone can create an account with anyone’s name next to it, you do your due diligence and check if the account has Twitter’s blue verification tick next to it. That’s the blue tick that Twitter places on accounts to show you it’s the official, verified account belonging to a particular personality. And look, the blue tick is there…
As such, you click the link in the tweet to head over to the website to get your free Bitcoin courtesy of the Telsa CEO. And then you see that in order to get your free Bitcoin, you need to first send over some Bitcoin yourself. But don’t worry the website says – whatever Bitcoin you send over will be doubled, even tripled and sent back to you within hours.
While some may believe this is an opportunity of a lifetime, it’s actually a scam. And the cryptocurrency you sent over on the promise of it being doubled or tripled is stolen and cashed out.
How do Bitcoin giveaway scams on Twitter work?
It’s perhaps important to note first of all that Elon Musk isn’t scamming Twitter users, and nor is any other well-known celebrity that appears to be running these Bitcoin giveaways.
Here is a screenshot of “Elon Musk” promoting a Bitcoin giveaway.
While the first tweet is from Elon Musk himself, the replies below are from fake accounts. Once you look at it with a more sceptical eye, you’ll see the red flags. The text in Elon Musk’s name on the fake account is more spaced out than it should be. And the biggest giveaway is the username, which is different to Musk’s real username (@elonmusk.)
However, the crooks are banking on victims seeing Twitter’s blue verification tick by the account name and consequently determining that the account must be real.
Sponsored Content. Continued below...
But hold on, how exactly did crooks manage to get that verified blue tick? It’s not something Twitter hands out to just anyone, let alone cyber crooks pretending to be Elon Musk.
It turns out, these cyber crooks are particularly adept at compromising the accounts of other verified “blue tick” Twitter users. The crooks, most likely using some crafty targeted phishing scams, have targeted owners of blue tick Twitter accounts in a bid to trick them into handing over their account passwords. And given the amount of verified Twitter accounts we’ve seen involved in these giveaway scams, it appears blue tick Twitter users aren’t any better with their account security as many of their non-blue-tick counterparts. (The blue tick account in the screenshot above originally belonged to a Japansese Olympic swimmer!)
“Changing display names and profile pictures”
So the crooks are compromising verified Twitter accounts and changing that account’s display name and profile picture to make it appear like it belongs to a particular personality. In the example we posted above, that personality is Elon Musk. Then they post links to cryptocurrency giveaway scams using the compromised blue tick Twitter account; most notably as replies to tweets made by the same personality the crooks are pretending to be.
It’s a scam that works, as the BBC recently reports. Sebastian from Germany lost a whopping £407,000 (10 Bitcoins at the time) believing that Elon Musk would double his return. But the money never arrived.
In this case it’s Elon Musk the crooks are pretending to represent. But we’ve also seen examples using Bill Gates, Jeff Bezos and other well-known names in the world of business.
Sponsored Content. Continued below...
Avoiding fake cryptocurrency scams
It may sound glib, but avoiding these scams simply means not entering into giveaways that claim to double or triple your cryptocurrency investment in the first place. That’s because such giveaways do not exist. If it appears too good to be true, it probably is. And in this case, it’s definitely too good to be true.
But you can also take a harder look at the accounts posting these schemes from the image we posted earlier and see that the Twitter usernames do not match.
But even if they did match, the reality is that if Elon Musk’s official Twitter account did begin tweeting about cyrptocurrency giveaways, it’s still more likely that his official Twitter account was compromised than him simply offering to double up the cyrptocurrency to anyone who visits a website.
And on a sidenote, if you’re lucky enough to hold a blue ticked Twitter account, please keep it safe. Educate yourself how phishing scams work, don’t reuse the same password across different accounts and enable two factor authentication. Because if your blue tick account gets taken over, it can be used like this to scam other people.