Homecryptocurrency News

    5 crypto Twitter scams every investor should know about

    5 crypto Twitter scams every investor should know about

    5 crypto Twitter scams every investor should know about
    Read Time
    5 Min(s) Read
    Profile image

    By CNBCTV18.com  IST (Published)

    Mini

    Of late, crypto Twitter has also become a playground for tricksters and bad actors looking to dupe unsuspecting investors out of their hard-earned crypto holdings. These miscreants employ dozens of techniques to access user wallets or get victims to send them tokens under false pretences. Here's a look at some of the most common crypto and NFT scams on Twitter-

    Crypto Twitter is a budding space for the virtual currency faithful. It is populated by blockchain projects, CEOs, founders, lead developers, and retail investors, all posting their musings about the crypto industry. Therefore, it has quickly become the go-to forum for industry updates, expert opinions, and the latest crypto offers.
    However, of late, crypto Twitter has also become a playground for tricksters and bad actors looking to dupe unsuspecting investors out of their hard-earned crypto holdings. These miscreants employ dozens of techniques to access user wallets or get victims to send them tokens under false pretences.
    Here's a look at some of the most common crypto and NFT scams on Twitter, as highlighted by cyber security analyst 'Serpent'.
    The honeypot scam:
    Honeypot scams are one of the most common financial exploits, transcending both traditional finance and the crypto industry. They have now made their way to Twitter as well. Bad actors lure victims into sending crypto to a wallet and then take off with the funds.
    For instance, they may offer lucrative rewards for assistance in simple tasks, such as transferring coins from one wallet to another. As per Serpent, the scammer may pose as a crypto newbie who has mysteriously won a crypto stockpile but is unaware of how to trade these tokens for fiat currency. The wallet actually contains the mysterious winnings, adding credibility to the scammer's claims, but will lack accepted tokens to cover the transaction fees.
    When you transfer over the funds to cover transaction fees, a bot will automatically send your tokens to a wallet controlled by the scammer.
    Fake posts and hacked accounts that create FUD: It has become extremely easy to buy/use bots to create fake likes and retweets. Bad actors can use this to their advantage, inducing a state of urgency to direct users to a phishing website. They can even turn off the comments for the tweet, barring whistle-blowers from exposing the scheme.
    Once a user arrives on the fake landing page, they may be asked to enter their wallet details to complete certain actions, such as revoking permissions to safeguard themselves against a supposed attack. These details are recorded and can now be used by the scammer to drain accounts.
    Fake airdrops, lookalike links and landing pages: According to Serpent, scammers have begun using Unicode letters to create lookalike links to fake airdrops. The links direct users to hoax websites that are very similar to actual registration pages. Users fill in their login credentials, unknowingly revealing all their details to the scammers, who then drain their accounts.
    Unicode letters are symbols and signs that can look like regular letters. For instance, this inverted exclamation mark '¡' can be used an 'i' in a link. Similarly, the symbol for the Greek letter alpha 'α' maybe used as 'a'. These may look like links to legitimate pages and are followed up with near duplicates of genuine websites, making it easy to trick users.
    Fake crypto recovery services: Users often take to Twitter to convey their disappointment after they have been hacked or scammed. Bad actors use keywords to stumble upon such tweets and then use fake accounts to offer help. These fake accounts point users to supposed blockchain experts that claim they can recover the funds. Of course, this service comes at a fee.
    Desperate to recover their funds, people pay this fee. Upon receiving the payment, the bad actors become unresponsive. This is a very cold approach, giving hope and taking advantage of those who have already lost their holding to some illicit activity.
    Fake games and art commissions: This exploit works by asking users to download a certain file on to their PCs. While it may seem like an ordinary file from the surface, it harbours some kind of malware or script that can scan your system for passwords and private keys.
    In the case of fake gaming exploits, bad actors will send users a prototype of a P2E platform. They would be asked to try the game and promised a reward for their review. The user extracts the file, which also contains the malware, and runs the program. Similarly, bad actors can also approach artists and commission them to create digital art for some fake company. They may send some reference material, which often contains malware or malicious scripts.
    In both cases, once the files are downloaded and opened, they begin accumulating and relaying sensitive information that bad actors can use to syphon digital assets.
    In all, Serpent highlighted 8 crypto Twitter scams that are doing the rounds on the microblogging site these days. All these exploits can be difficult to spot.
    However, they all require human error to be successful. Without specific actions from your end, these hacks and attacks cannot be pulled off. Therefore, you can easily avoid these schemes with the right amount of research and diligence.
    Check out our in-depth Market Coverage, Business News & get real-time Stock Market Updates on CNBC-TV18. Also, Watch our channels CNBC-TV18, CNBC Awaaz and CNBC Bajar Live on-the-go!
    arrow down

      Most Read

      Market Movers

      View All
      CompanyPriceChng%Chng