Cryptocurrency Scammers on Twitter Pose as Celebrities to Steal Digital Cash

Celebrities and technologists including SpaceX founder Elon Musk and anti-virus expert John McAfee are being targeted in a persistent Twitter scam that attempts to steal cryptocurrency using fake accounts and bot networks that promise 'giveaway' offers to their followers.

Using social networks to facilitate phishing campaigns, the long-running scam is the modern-day equivalent of the trusty Nigerian Prince email scam—praying on the gullible to make easy money. Reports of the fraud have been surfacing online since February, and it shows no signs of slowing down.

The tweets lure victims with offers of popular cryptocurrencies including bitcoin (BTC) and ethereum (ETH), often posting direct links to where they can be sent.

Elon Musk
Billionaire entrepreneur and founder of SpaceX Elon Musk speaks at the 68th International Astronautical Congress 2017 in Adelaide on September 29, 2017 PETER PARKS/AFP/Getty Images

On Monday, a Twitter account posing as Musk wrote online: "Just for today I've decided to give away 3,000 ETH to my fans. Simply send 0.4-4.0 ETH to my address and I'll send you back 5-40 ETH. If you are late, your ETH will be sent back." The tweet, sent from a handle (@elonmuskik) which had been dormant since September 2017, gained hundreds of likes on the platform.

An influx of bots

As part of the scam, bots are deployed to comment and share fake tweets.

The culprits, who remain unknown, are linking to external blogging websites including Medium. "So nice! Just sent and immediately received back! You're super fast," read one bot reply. Records of ethereum wallets indicate people are falling for the ruse, but the scam's full profits remain unknown.

On Tuesday, a crypto exchange called Kraken said that one of its support accounts had been blocked by Twitter's automated systems over links to the spam.

While the profile was later reinstated, legitimate tweets about the matter were later hijacked by the same scammers and bots. A pinned tweet reads: "Beware of Twitter handles that are similar to ours that promise coin giveaways, if you send them a deposit first. We are not doing a giveaway at this time."

Vitalik Buterin, the 23-year-old co-founder of Ethereum, has now changed his Twitter name to "Vitalik 'No I'm not giving away ETH' Buterin" after being targeted. He wrote: "No, I'm not giving away ETH. Or BTC. Or BCH. Or DOGE. Y'all are getting nothing."

Of course, under his real tweet there was a link to a fraudulent giveaway.

A Twitter spokesperson told Newsweek in a statement: "We're aware of this form of manipulation and are proactively implementing a number of signals to prevent these types of accounts from engaging with others in a deceptive manner."

No, I'm not giving away ETH.

— vitalik.eth (@VitalikButerin) March 4, 2018

"I do not give away anything"

John McAfee, the creator of the anti-virus software that still bears his surname, says he has been the focus of impersonators for months.

"The scammers are becoming problematic," he recently wrote to his 800,000 followers. "Twitter has been no help," he added. "When I go into protected tweet mode my Twitter app crashes because it cannot handle the volume of follow requests. Do not fall for any giveaways. I do not give away anything."

John McAfee
US anti-virus software pioneer John McAfeearrives at the Aurora international airport in Guatemala City on December 12, 2012. JOHAN ORDONEZ/AFP/Getty Images

While the majority of fake accounts are eventually suspended by Twitter, some can stay online for hours at a time, racking up significant attention.

They are, however, easy to spot thanks to a lack of a 'verified' blue tick and profile names containing spelling mistakes alongside random letters, numbers or symbols. Unfortunately, if an account is banned a fresh one can be set up in minutes.