In an emerging online scam that is targeting Twitter, scammers are posing as well-known celebrities to trick Twitter users into handing over crypto-currency.
The incredibly simple yet prolific scam works as follows –
1. Scammer poses as a well-known celebrity on Twitter offering free crypto-currency. They post a link to their too-good-to-be-true offer.
2. Firstly, however, the victim must send over a small amount of crypto-currency first in order to get their much larger free crypto-currency prize.
3. Scammers steal that crypto-currency and run.
That’s literally it.
The end-game of the scam itself is incredibly simple. Claim to give away a larger prize in return for a comparatively smaller fee, and then just steal the fee without giving away the prize. It’s basically the same business model as those Advance Fee “Nigerian lawyer” email scams that you still see from time to time.
Sponsored Content. Continued below...
The most interesting part of the scam is the social engineering aspect of it. By that we mean how the scammers trick victims into sending over the crypto-currency in the first place. That is achieved by some convincing Twitter celebrity impersonations and a staggeringly large army of Twitter bots.
Firstly the scammers create accounts under the names of celebrities. In the example below, scammers used SpaceX founder Elon Musk. They use Elon Musk’s name and his Twitter profile picture.
Secondly, they post their fake offers in the Reply (comments) section of legitimate tweets made by the celebrity they’re impersonating. See the screenshot below, which shows a legitimate Musk tweet, soon followed by the fake Musk reply offering free Ethereum, a popular crypto-currency like Bitcoin.
The fake Elon Musk reply to the legitimate Elon Musk tweet appears high up in the replies section, meaning it will be seen by plenty of Twitter users. That high ranking is achieved by an army of Twitter bots also owned by the crooks. Such bots are automated Twitter accounts that will reply and like any tweet the crooks want. In this case, dozens of positive comments appeared on the fake reply; all made from Twitter bots.
As you can see from the screenshot above, the bots also liked the reply hundreds of times. As a consequence, the reply appears higher and higher, and is seen by more Twitter users.
Sponsored Content. Continued below...
Eagled eyed viewers will notice, however, that the fake Elon Musk reply lacks the blue verification tick offered by Twitter to verified users, and that really is the key to rooting out these scams. That, and understanding that no celebrities are offering free crypto-currency, of course!
Once again Twitter has been lambasted for not removing these fake tweets fast enough and allowing large armies of Twitter bots to stay on their platform for so long.
Twitter told the BBC –
We’re aware of this form of manipulation and are proactively implementing a number of signals to prevent these types of accounts from engaging with others in a deceptive manner
Remember that a number of celebrities are being impersonated in this type of scam. As we stated above, such scam accounts will lack the blue verification tick and NO celebrity is offering free crypto-currency.