Image of man in hard hat holding a bitcoin signifying cryptocurrency scams using celebrity twitter accounts
Beware the Latest Cryptocurrency Scams Involving Celebrity Twitter Accounts

Beware the Latest Cryptocurrency Scams Involving Celebrity Twitter Accounts

Like most scams, the latest cryptocurrency scams plaguing social media platforms like Twitter are a case of “too good to be true.” Did you really believe that tech celebrities like Elon Musk or Vitalik Buterin would start giving away free cryptocurrency to their followers on Twitter? Did you really think that Hollywood stars like Jamie Foxx and sports stars like Floyd Mayweather wake up some days and decide to give away Bitcoin, Ethereum or any of the other popular alt-coins?

How Twitter cryptocurrency scams work

These Twitter cryptocurrency scams are so popular with cryptocurrency thieves and hackers simply because they are so easy to pull off on a daily basis. These hackers essentially piggyback on the celebrity status of big icon figures, who already have hundreds of thousands of followers. And they use the viral nature of social media to make sure that as many people as possible see and respond to their scam.

Here’s how the classic Twitter cryptocurrency scam works: a celebrity like Elon Musk sends out a tweet – such as the announcement of a new Falcon 9 rocket launch – and then a fake Elon Musk account comments on the tweet, announcing a free cryptocurrency giveaway because he’s so excited about the event. Just send a small amount of crypto to him and he’ll send you back 5, 10 or even 20 times the amount that you sent him. And then to make the scam as irresistible as possible, the hackers will use bots to like and comment on their comment. By the time the hackers are done, it can be hard to mistake fact for fiction!

Things have gotten so bad and so out of control that Vitalik Buterin – the creator of the popular Ethereum (ETH) cryptocurrency, has even changed his Twitter handle to Vitalik “Not Giving Away ETH” Buterin. He’s tired of people setting up fake accounts and trying to scam regular Twitter users out of their cryptocurrency. And John McAfee (of McAfee anti-virus fame) has also told his followers that he’s not giving away anything, ever.

Elad Erez, Director of innovation at security firm Imperva, started to notice a real rise in this sort of activity near the end of 2017, “Fraudulent crypto activities impersonating celebrities or influencers and taking advantage of their reputation, are definitely on the rise. A few weeks ago, we witnessed attackers target John McAfee’s iPhone (or directly AT&T) in order to take control over his Twitter account. Beginning of December 21, 2017 – he announced his “coin of the day” recommendation (later on changed to “coin of the week”) to his 800,000 followers. Due to this huge amount of followers, single tweets of Mr. McAfee have successfully influenced the volume (and price) of his coin recommendations, where some of the cryptocurrencies have instantly spiked in 60 to 350 percent.”

The rising trend of cryptocurrency scams in 2018

The Twitter cryptocurrency scams are really just a small part of the many scams being perpetrated in the crypto market on a daily basis. According to Bitcoin News, over $9 million is lost every day in crypto scams – and that’s just the scams that we know about and are reported. This $9 million figure is the sum total of all the phishing, hacking, fraud and downright theft attacks that have taken place this year.  On an annualized basis, that works out to about $3.25 billion – or about the total annual GDP of a small underdeveloped nation!

In just the first two months of 2018, there have been 22 scams that have netted thieves more than $400,000 for their efforts. In total, over $1.36 billion has been stolen in just two months! Some of the crypto scams are now infamous, such as the Bitconnect scam, one of many Ponzi schemes to have rocked the crypto world.

And there is even growing concern that many initial coin offerings (ICOs) are really just a form of scam as well. People are told by touts all over the crypto world to buy up a hot new digital currency when it debuts – but it turns out that, just like the Twitter cryptocurrency scams, the story of a crypto that will skyrocket in value overnight is also too good to be true.

Is there a way to protect digital currency markets from cryptocurrency scams?

While it might be easy to dismiss the cryptocurrency markets as being inherently fraudulent almost by their very nature, the reality is that crypto is here to stay and it’s up to somebody to take responsibility for what’s happening. To its credit, Twitter says it is working now to suspend or close down fraudulent Twitter accounts that are creating, sharing and amplifying these cryptocurrency scams.

But the problem with cryptocurrencies is that they are blockchain based, and that means that they are inherently decentralized. Blockchain technology is all about creating a hyper-decentralized, peer-to-peer network of people trading currency, all of which is protected by cryptography. Put another way, nobody is in control of different cryptocurrency markets. Unlike traditional currencies, which are regulated by central banks and other financial regulatory bodies, there is no “regulator” in charge of, say, Bitcoin.

Of course, there are signs that this could be changing. For one, some cryptocurrency exchanges where people buy and sell crypto are now sharing information with the IRS and other regulators. Facebook has famously moved to block specific cryptocurrency ads on its social media platform. Twitter is taking steps to block fake Twitter accounts of famous icons and celebrities.

Buyer beware in the high-stakes crypto markets

Ultimately, the best advice might be the most obvious: beware of anything that sounds too good to be true. Cryptocurrency scams, in many ways, are just like any other phishing scam on the Internet these days. They rely on people being gullible, yes, but they also rely on people not checking the actual names of accounts being used to scam them of their crypto. For example, one fake Twitter cryptocurrency scam account was using “@VitalikButter” instead of “@VitalikButerin” to scam users into sending him (or her?) ETH. Shouldn’t that have been an obvious indication that something wasn’t right?

Tyler Reguly, manager of software development at Tripwire, commented on the importance of remaining vigilant on social media for similar types of scams, “In the case of Twitter, there were plenty of red flags that should have stopped users from making this mistake. First, the posts were missing the Twitter verified checkmark. This should have stopped the conversation and any assumptions that these were authentic celebrity posts. Second, the usernames were visible and clearly misspelled.”

The big question, says Reguly, is whether Twitter should be held more responsible, “Could Twitter do more to protect against this? To protect their most vulnerable users? One option might be to introduce verified-only mode. A lot of people use Twitter, not to partake in the conversation, but simply to follow their favorite celebrities. These are often the less savvy users who may be more likely to fall for this type of scam. Since most celebrities are verified at this point, allowing users to set themselves to verified-only mode would remove the risk of them being tricked by fake accounts.”

Experts warn that crypto thieves are becoming ever more resourceful. One of the more creative cryptocurrency scams unearthed by the security firm Imperva, for example, involved the insertion of malicious crypto-mining code into an image of Hollywood actress Scarlett Johansson, and then posting that image on a popular image-hosting site. As soon as a fan of Johansson downloaded the “photo,” it triggered the activation of the malicious code.

Koby Kilimnik, security researcher specialist at Imperva, suggested that these scams are really just an evolution of what has always existed. Remember when people warned about Western Union scams and sending money to strangers overseas? Or emails from “Nigerian princes” who want to send you money?

As Kilimnik points out, “Scams have always been illusive in general since we are talking about an ‘evil’ player using legitimate tools to trick people into handing over their money. The scammer hacks the human, not the platform, hence it’s hard to automate such detection mechanisms completely. This technique is very common, but here we see the usage of crypto accounts instead of Western Union. The more popular crypto gets there more we will see scammers getting into it as well… My advice for users is, don’t send funds to anyone promising they will give it back plus much more, be it a celeb or an average Joe.”

So be prepared for plenty more cryptocurrency scams throughout 2018, especially if the prices of cryptocurrencies like Bitcoin continue to skyrocket. If the first two months have been any indication of what to expect, we’re in for a long and rocky ride for the remaining nine months of the year!