Beware, These are the Active Crypto Scams on Twitter

Beware, These are the Active Crypto Scams on Twitter
Table of Contents

In a series of Twitter threads, web3 security analyst, Serpent, has compiled a list of the most fiendish crypto and non-fungible token (NFT) scams currently active on Twitter.

As crypto-assets continue to gain the attention of investors all around the world, they have also become a target for scammers who are looking to make some easy profits by exploiting users. Technological evolution has made possible for fraudsters to make ostensible promises and sometimes integrate into the crypto space by using the anonymity of the internet to their advantage. Cybercriminals are using bots and malicious links to deceive unsolicited individuals of their cryptocurrency.

The Myriad Crypto Scam Schemes

Beware, These are the Active Crypto Scams on Twitter

On August 21, the cybersecurity analyst, Serpent, explained several ways in which cyber scammers and fraudsters target and exploit rookie crypto users through the use of copycat websites, URLs, accounts, hacked verified accounts, fake projects, fake airdrops, and countless malware. Serpent has been grappling with cryptocurrency scammers for quite a while higlighting various scams and the many creative ways, hackers use to gain access inside crypto wallets and drain digital assets.

According to the posts, the analyst emphasized how crypto phishing scams are a huge threat and growing more widespread every year. Serpent also detailed the dramatic spike in attacks on decentralized finance (DeFi) protocols. Online attackers use visually similar characters to deceive people in online phishing schemes. The attack is a form of “spoofing,” that is used by scammers using a visual deception to trick people into visiting malicious websites. Serpent wrote,

“Scammers have started spoofing URLs using lookalike unicode letters. They are changing the letter “i” to a lookalike character from a non-English alphabet.”

Serpent described another strategy known as “honeypot”. These are elaborate cyberattacks conducted through decentralized smart contracts. The scam begins with someone making contact, asking for help. Once a user sends any amount of money, however small it may be, a bot will instantly transfer the money out of the account, and to the scammer’s wallet. This is done through automated scripts that are listening for incoming transactions to the address, called sweeper bots.

According to the analyst, the “Fake Revoke.Cash Scam,” tricks users into visiting a phishing website by warning them that their crypto assets may be at risk, using a “state of urgency” to get users to click the malicious link. This urgency makes it easier to take advantage of users not wanting to miss out on an opportunity.

The Twitter threads also mentioned the “Crypto Recovery Scam” which is being used extensively by scammers to prey on individuals who have recently lost funds to a widespread hack. In this method, tricksters, attempt to target people who have already been scammed, and claim they can recover the funds. Serpent explained,

“They claim to be blockchain developers and say they need a fee to deploy a smart contract that will recover the stolen funds, which is of course not possible. They take the fee and run.”

‘Get Rich Quick’ Investors are Targeted the Most

Cyber criminals tend to offer very high compensation just to lure an individual, and then send an email which will contain malware, once opened, they will hack the user’s computer draining crypocurrencies and NFTs. In order to add legitimacy to their tweets, some scammers also issue scam alerts and use the threat of potential scammers as justification for why they “clean” or “close” comments or replies to their tweets.

After seeding a few of these fake tweets, the scammers leverage a Twitter feature for conversations to restrict who can respond to their tweets, thus preventing users from warning others about the potential fraud.

The “Uniswap Front Running Scam”, attacks users wanting to get in on a “get rich quick” scheme. This technique often uses a spam bot posting messages and telling users to watch a video on how to “make $1400/DAY front-running Uniswap” which instead tricks them into sending their funds to a scammer’s wallet.

Crypto Scams are Surging on all Social Media Platforms

Recently, billionaire entrepreneur, Elon Musk, had also acknowledged the soaring number crypto bots and spam accounts, skewing Twitter’s active user numbers. Musk had earlier shared a poll, in which he asked if Twitter users want an “edit” button, which more than 4.4 million people responded to, and 74 per cent in favour. He added,

“Now subtract crypto scam accounts that twitter constantly shows as “real” people in everyone’s feed.” 

On August 15, Changpeng Zhao, the chief executive of global cryptocurrency exchange Binance posted a tweet saying there are 7,000 profiles of “Binance employees” on LinkedIn, but only 50 of those were real. Over the past year, numerous reports from cyber security firms, and even advisories from government bodies, have highlighted how uncontrolled fake profiles have led to various scams.

Interstingly, crypto scams are happening not just on Twitter but on all social media fronts. At Black Hat 2022, a cyber security conference in the US, Allison Wikoff, director of global threat intelligence at consultancy firm PricewaterhouseCoopers (PwC), said state-sponsored hacking groups have been taking to LinkedIn to target a growing range of users for various purposes.


Follow us on Social Networks

Crypto Tutorials

Crypto Reviews