Summary: Cryptocurrencies are obviously a popular discussion topic online, but also an area rife with scams. One popular tactic of scammers is to impersonate certain famous people on Twitter, and pretend to be “giving away” cryptocurrency. Often, those scams work by saying if you give a small amount yourself, you’ll get back a larger amount.
"It's a bit of a cat and mouse game," says Duo's Anise. "When it first started, they would post a spam tweet," explains Wright. "And that was pretty much the end of it. But over time, we started seeing them get more advanced, and they would have accounts dedicated to liking that tweet, trying to give it credibility… and now we're seeing it taken to the next level, with hijacked accounts replying to the tweet saying it worked for them, trying to give an air of legitimacy." That highlights how the scammers' tactics have slowly evolved, and since Duo's report this summer they have new techniques, including the use of Twitter's paid-for marketing tool, Promoted Tweets. "It's just another example of how this operation is evolving over time," Wright says.
Those constant changes keep Twitter on its toes, as do unnoticeable edits to the text. While the promoted scam messages look nigh-on identical, suggesting they'd be easy for Twitter to block, they aren't always the same. "One thing we've noticed over time is the accounts using white space in a different way, or characters that may not be normal ASCII characters but maybe unicode," says Anise. "So it can be difficult to do pattern matching on the text of a tweet. It may look very simple to the human eye, but it may be different in terms of trying to implement this programmatically."
Twitter would let people keep the name if you proved your account was authentic.
Decisions to be made by Twitter:
- Are there ways to prevent scams that rely on impersonation while still allowing parody accounts?
- What tools can be used to try to identify scam cryptocurrency accounts?
- Is locking accounts with certain “popular” names a scalable method for preventing such scams?
Questions and policy implications to consider:
- Any popular service is going to get targeted by scammers, and impersonating popular users is a common technique. How much responsibility should popular services have for stopping those scams?
- As the story of Musk getting his own account locked demonstrates, procedures to stop scams can have unintended consequences. How can websites minimize such problems?
Resolution: Fake accounts offering fake cryptocurrency have continued to plague Twitter. In order to get around efforts to match avatars, the scammers are now even making tiny modifications to avatars to try to get around automated systems:
In early 2020 -- nearly two years after Twitter first started locking accounts, Musk himself warned his followers that the scammers were getting more and more sophisticated. In early 2021, there were reports of scammers hacking verified accounts, and then using them to trick people into believing Musk was giving away cryptocurrency, with one such scam apparently taking in hundreds of thousands of dollars.
Written by The Copia Institute, March 2021