8 sneaky crypto scams on Twitter right now
Cybersecurity analyst Serpent has revealed its picks for the scariest crypto and non-fungible token (NFT) scams currently active on Twitter.
The analyst, who has 253,400 followers on Twitter, is the founder of artificial intelligence and community-driven crypto threat mitigation system, Sentinel.
In a 19-part thread posted on August 21, Serpent outlined how scammers target inexperienced crypto users through the use of copycat websites, URLs, accounts, hacked verified accounts, fake projects, fake airdrops and lots of malware.
One of the more worrisome strategies comes amid a recent wave of cryptophishing scams and protocol hacks. Serpent explains that the “Crypto Recovery Scam” is being used by bad actors to trick those who have recently lost money to a widespread hack, saying:
“Simply put, they are trying to target people who have already been defrauded and claim they can get their money back.”
According to Serpent, these scammers claim to be blockchain developers and seek out users who have fallen victim to a recent large-scale hack or exploit, asking them for a fee to deploy a smart contract that can recover their stolen funds. Instead, they “take the fee and run.”
This was seen in action after the multimillion-dollar exploit that affected Solana wallets earlier this month, with Heidi Chakos, host of YouTube channel Crypto Tips, warning the community to watch out for scammers offering a fix for the hack.
Another strategy also exploits recent exploits. According to the analyst, “Fake Revoke.Cash Scam” tricks users into visiting a phishing website by warning them that their crypto assets may be at risk, using a “state of urgency” to get users to click on the malicious link.
Another strategy uses “Unicode Letters” to make a phishing URL look almost exactly like a real one, but replaces one of the letters with a Unicode lookalike, while another strategy sees fraudsters hack a verified Twitter account , which is then renamed and used to impersonate someone with influence to shill fake coins or airdrops.
The remaining scams target users who want to participate in a “get rich quick” scheme. This includes the “Uniswap Front Running Scam”, often seen as spam bot messages asking users to watch a video on how to “earn $1400/DAY front running Uniswap” which instead tricks them into sending their money to a scammer’s wallet .
Another strategy is known as a “Honeypot account” – where users are supposedly leaked a “private key” to access a loaded wallet, but when they try to send crypto to fund the transfer of coins, they are immediately sent away to the fraudsters’ wallet via a fine.
Other tactics involve asking valuable NFT collectors to “beta test” a new Play-to-earn (P2E) game or project, or commissioning fake work for NFT artists – but in both cases the list is just an excuse to send those malicious files that can scrape browser cookies, passwords and extension data.
Related: Aurora Labs CEO describes “fascinating and devious” crypto scam he almost fell for
Last week, a report from Chainalysis noted that crypto-fraud revenue fell by 65% in 2022 so far, due to falling asset prices and inexperienced crypto users exiting the market. Total year-to-date crypto fraud revenue currently stands at $1.6 billion, down from roughly $4.6 billion the year before.