In a series of Twitter threads, web3 security analyst, Serpent, has compiled a list of the most fiendish crypto and non-fungible token (NFT) scams currently active on Twitter.
As crypto-assets continue to gain the attention of investors all around the world, they have also become a target for scammers who are looking to make some easy profits by exploiting users. Technological evolution has made it possible for fraudsters to make ostensible promises and sometimes integrate into the crypto space by using the anonymity of the internet to their advantage. Cybercriminals are using bots and malicious links to deceive unsuspecting individuals out of their cryptocurrency.
🚨 CURRENTLY RUNNING TWITTER SCAMS 🚨
In this thread I've compiled a list of the most popular currently running crypto/NFT scams on Twitter.
Here's how they work 🧵👇
— Serpent (@Serpent) August 21, 2022
The Myriad Crypto Scam Schemes
On August 21, the cybersecurity analyst Serpent explained several ways in which scammers and fraudsters target and exploit rookie crypto users through copycat websites, URLs, accounts, hacked verified accounts, fake projects, fake airdrops, and a wide range of malware. Serpent has been grappling with cryptocurrency scammers for quite a while, highlighting various scams and the many creative ways hackers use to gain access to crypto wallets and drain digital assets.
🚩🚩 UNICODE LETTERS 🚩🚩
Scammers have started spoofing URLs using lookalike unicode letters
In this case, they are changing the letter "i" to a lookalike character from a non-English alphabet
The URLs respectively resolve to:
• xn--premnt-s9a[.]xyz
• xn--premnt-zva[.]xyz pic.twitter.com/WxUCvHRGyM
— Serpent (@Serpent) August 21, 2022
According to the posts, the analyst emphasized how crypto phishing scams are a huge threat and growing more widespread every year. Serpent also detailed the dramatic spike in attacks on decentralized finance (DeFi) protocols. Online attackers use visually similar characters to deceive people in phishing schemes. The attack is a form of “spoofing” in which scammers rely on visual deception to trick people into visiting malicious websites. Serpent wrote,
“Scammers have started spoofing URLs using lookalike unicode letters. They are changing the letter “i” to a lookalike character from a non-English alphabet.”
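The lookalike-letter trick can be checked mechanically by decoding the `xn--` (Punycode) form of a hostname and naming every non-ASCII character it hides. The following is an added example, not code from Serpent's thread: the function names, the one-entry confusables map and the watchlist name `premint` are assumptions made for illustration, while the two defanged hostnames are the ones quoted in the tweet above.

```python
import unicodedata

# Minimal confusables map for characters NFKD does not fold to ASCII.
# Illustrative only; a full check would load Unicode's confusables data (UTS #39).
CONFUSABLES = {"\u0131": "i"}  # LATIN SMALL LETTER DOTLESS I

# Hostnames as quoted on the page (kept defanged); the watchlist is an assumption.
SAMPLE_HOSTS = ["xn--premnt-s9a[.]xyz", "xn--premnt-zva[.]xyz"]
WATCHLIST = {"premint"}


def decode_label(label):
    """Return the Unicode form of one DNS label (Punycode if it starts with xn--)."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label  # malformed Punycode: leave the label untouched
    return label


def skeleton(text):
    """Fold a label to the ASCII string a reader is likely to perceive."""
    out = []
    for ch in unicodedata.normalize("NFKD", text):
        if unicodedata.combining(ch):
            continue  # drop accents, e.g. the grave on U+00EC
        out.append(CONFUSABLES.get(ch, ch))
    return "".join(out).lower()


def inspect_host(host, watchlist):
    """Decode a (possibly defanged) hostname and report what it imitates."""
    labels = [decode_label(l) for l in host.replace("[.]", ".").split(".")]
    non_ascii = [(ch, unicodedata.name(ch, "UNKNOWN"))
                 for l in labels for ch in l if ord(ch) > 127]
    # A label imitates a watched name when it folds to it but is not equal to it.
    imitates = sorted({skeleton(l) for l in labels
                       if skeleton(l) in watchlist and l not in watchlist})
    return {"unicode": ".".join(labels), "non_ascii": non_ascii,
            "imitates": imitates}


if __name__ == "__main__":
    for host in SAMPLE_HOSTS:
        print(host, inspect_host(host, WATCHLIST))
```

Both hostnames decode to a seven-letter label whose fifth character is a non-ASCII form of "i", which is why they look legitimate in a tweet but not in their `xn--` form.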
Serpent described another strategy known as a “honeypot”. These are elaborate cyberattacks conducted through decentralized smart contracts. The scam begins with someone making contact and asking for help. Once a user sends any amount of money, however small it may be, a bot will instantly transfer the money out of the account and into the scammer’s wallet. This is done through automated scripts, called sweeper bots, that listen for incoming transactions to the address.
🚩🚩 HONEYPOT ACCOUNT 🚩🚩
I'm sure we've all gotten this DM, and I'm sure many of you are wondering, how would they be able to scam you from this?
The wallet itself has the USDT in it, but it will not have the money for transaction fees to transfer the USDT out. pic.twitter.com/lISvWFugly
— Serpent (@Serpent) August 21, 2022
According to the analyst, the “Fake Revoke.Cash Scam” tricks users into visiting a phishing website by warning them that their crypto assets may be at risk, using a “state of urgency” to get users to click the malicious link. This urgency makes it easier to take advantage of users who do not want to miss out on an opportunity.
🚩🚩 FAKE https://t.co/IPHqukvxdA SCAM 🚩🚩
In the attached pictures, we can see scammers pretending to be OpenSea (second screenshot is a hacked verified account) attempting to induce a state of urgency and play off of your fears to trick you into visiting a phishing website. pic.twitter.com/GbkvsZvOgm
— Serpent (@Serpent) August 21, 2022
The Twitter threads also mentioned the “Crypto Recovery Scam”, which is being used extensively by scammers to prey on individuals who have recently lost funds to a widespread hack. In this method, tricksters target people who have already been scammed and claim they can recover the funds. Serpent explained,
“They claim to be blockchain developers and say they need a fee to deploy a smart contract that will recover the stolen funds, which is of course not possible. They take the fee and run.”
‘Get Rich Quick’ Investors are Targeted the Most
Cybercriminals tend to offer very high compensation to lure an individual and then send an email containing malware. Once it is opened, they hack the user’s computer, draining cryptocurrencies and NFTs. In order to add legitimacy to their tweets, some scammers also issue scam alerts and use the threat of potential scammers as justification for why they “clean” or “close” comments or replies to their tweets.
After seeding a few of these fake tweets, the scammers leverage a Twitter feature for conversations to restrict who can respond to their tweets, thus preventing users from warning others about the potential fraud.
🚩🚩 UNISWAP FRONTRUNNING SCAM 🚩🚩
You may have seen this being spammed in the replies of random tweets, but how does it actually work?
The link takes you to a video teaching you how to "make $1400/DAY front-running Uniswap" pic.twitter.com/Ecr6ynBdNf
— Serpent (@Serpent) August 21, 2022
The “Uniswap Front Running Scam” targets users wanting to get in on a “get rich quick” scheme. This technique often uses a spam bot that posts messages telling users to watch a video on how to “make $1400/DAY front-running Uniswap”, which instead tricks them into sending their funds to a scammer’s wallet.
Crypto Scams are Surging on all Social Media Platforms
Now subtract crypto scam accounts that twitter constantly shows as “real” people in everyone’s feed
— Elon Musk (@elonmusk) April 9, 2022
Recently, billionaire entrepreneur Elon Musk also acknowledged the soaring number of crypto bots and spam accounts skewing Twitter’s active user numbers. Musk had earlier shared a poll asking whether Twitter users want an “edit” button; more than 4.4 million people responded, with 74 per cent in favour. He added,
“Now subtract crypto scam accounts that twitter constantly shows as “real” people in everyone’s feed.”
On August 15, Changpeng Zhao, the chief executive of global cryptocurrency exchange Binance, posted a tweet saying there are 7,000 profiles of “Binance employees” on LinkedIn, but only 50 of those were real. Over the past year, numerous reports from cyber security firms, and even advisories from government bodies, have highlighted how uncontrolled fake profiles have led to various scams.
LinkedIn has 7000 profiles of "Binance employees", of which only 50 or so are real. I wished LinkedIn has a feature to let the company verify people. So, many "hey I am responsible for listing" scammers on LinkedIn. Be careful. https://t.co/Qnsl02iQUT
— CZ 🔶 Binance (@cz_binance) August 14, 2022
Interestingly, crypto scams are happening not just on Twitter but on all social media fronts. At Black Hat 2022, a cyber security conference in the US, Allison Wikoff, director of global threat intelligence at consultancy firm PricewaterhouseCoopers (PwC), said state-sponsored hacking groups have been taking to LinkedIn to target a growing range of users for various purposes.