Scammers are using Twitter to run a fraudulent scheme to receive bitcoin payments.
USA Today reports that Tuesday saw the latest in a series of hacks on the social media platform. This time, hackers took control of Target’s twitter account, using the big-box retailer’s profile to send out a post with the cryptocurrency scam. Other accounts were also hit in the cybersecurity breach.
Hackers were able to control Target’s account for about half an hour, before the company was able to regain access and control of its profile. During that time, hackers posted a tweet that used an ad promising to distribute bitcoins in “the biggest crypto-giveaway in the world!” The ad continued, “We present cryptocurrency payments for your purchases in our store, and want to celebrate this event with all users!”
Twitter confirmed that this is not the first time that hackers have used such posts to try and perpetuate bitcoin fraud on the social media platform using Elon Musk’s profile information. Multiple high-profile verified accounts have recently been hacked, with the scammers altering the accounts by using Elon Musk’s Twitter photo, and then changing the account display name to Elon Musk. Then, the compromised accounts will direct users to click on a bitcoin giveaway link, which asks users to send over bitcoin in order to receive larger sums in return. Elon Musk’s actual Twitter account has not been compromised in these hacks.
Early this morning, our Twitter account was inappropriately accessed. The access lasted for approx. half an hour & one fake tweet was posted during that time about a bitcoin scam. We have regained control of the account, are in close contact with Twitter & are investigating now.— Target (@Target) November 13, 2018
Fortune reports that compromised accounts included Farah Menswear, a UK clothing brand, and publisher Pantheon Books. At this time, it is not clear how hackers are gaining access to the accounts.
These Elon Musk bitcoin scam tweets are relentless and follow the same formula: hack into a high profile account, change the image and name to one of Elon Musk, retweet loads of Tesla stuff to make it seem legit then post and promote the scammy tweet. pic.twitter.com/kxDm92R2Vb— Sam McFaul (@SamMcFaul) November 12, 2018
A Twitter spokesperson issued a statement about the breaches.
“We’ve substantially improved how we tackle cryptocurrency scams on the platform, and in recent weeks, impressions have fallen by a multiple of 10 as we continue to invest in more proactive tools to detect spammy and malicious activity. This is a significant improvement on previous action rates.”
Despite Twitter’s efforts to crack down on the hacks, many in the cryptocurrency industry are frustrated by the scams. Interestingly, mainstream cryptocurrency firms are not allowed to advertise on Twitter, and yet the hackers are able to run promoted ads in some cases for their scams.
Tech investor Jason Calacanis took to Twitter to suggest a method for stopping the fraudulent Elon Musk account scams.
here is a simple idea that doesn't require any AI @TwitterSupport: don't allow anyone to name their account Elon Musk AND (tweet the word bitcoin/ethernet/giveaway OR post a link to a page with the word bitcoin) without someone from @Twitter Support seeing it first. Welcome!— jason ???? ???????? ❤️ (@Jason) November 12, 2018
However, scammers have not just limited their impersonations to Elon Musk. Other impersonated accounts on Twitter include high-profile players in the cryptocurrency industry, including Ethereum creator Vitalik Buterin, Coinbase CEO Brian Armstrong, and Ripple CEO Brad Garlinghouse.