Twitter Scam Uses Fake, Verified Elon Musk Accounts to Phish for Bitcoin

Hackers have figured out a new way to scam credulous internauts, with a new scam that borrows “verified” accounts’ blue checkmark to imply they are Elon Musk.

The scam caught attention recently because scammers managed to hack several official Twitter accounts, like Pathe UK (a film distributor), Matalan (a British fashion retailer), Pantheon Books, and more. Their accounts, though, weren’t of much interest to the scammers.

Rather, what they wanted was the little blue checkmark that lets people know that a given account is the official account for whoever or whatever is posting. Although the path to getting a blue checkmark isn’t quite public, it is normally a guarantee of authenticity. Or was.

Scammers, therefore, changed (for example) Pantheon Books’ account name to Elon Musk and then posted from that account as “Elon Musk.” With the blue checkmark, their tweets looked authentic and scammers could post about a massive (and misspelled) bitcoin giveaway.

From here, the scam is pretty familiar. “Musk” thanked readers for their “suppoot” [sic] and wanted to give away “10 000 Bitcoic (BTC) to all community!” [again, very sic], finally asking readers to participate in the giveaway by following a link to a site called spacex.plus.

The BBC reports that victims were asked to send 0.1 to 1 Bitcoin with the promise that they would send 1-10 Bitcoin in return. Naturally, no one received their Bitcoins in return.

The scam appears to be an evolution of a similar scam dating back to March. In that version, scammers still used fake Elon Musk accounts to ask for Bitcoin, but those were just lookalike accounts that had no blue checkmark.

[source: BBC]

Comments

comments