Author

Topic: [Warning]: Impersonation and spoofing of crypto related companies on Twitter (Read 192 times)

sr. member
Activity: 1622
Merit: 270
Undeads.com - P2E Runner Game
There are too many scam pages right now on the Internet which made users confuses. But I don't understand their behavior how could someone without proper recognition and proper way of organization, how could a page get the yellow tick. I have seen some of those accounts even which have newly created and they are of scammer's accounts and mostly they got these blue ticks and most of them got yellow tick.

Firstly, when I checked that there was a page like Arbitrum I mean account got yellow tick, so I was little confused then I have found the original one. Even they have more high followers then we think. So, these scammers should not be given this high authority rewards just like the yellow tick on the twitter.
hero member
Activity: 1652
Merit: 569
Catalog Websites
This is why we are advised to do our own proper research before engaging so as not to fall victim to scams. It is good one verifies before doing anything further to save themselves of stress and heartbreak.

What annoys me most about these scams of a thing is that newbies are the victims and that makes them have a negative thought and mindset towards crypto as a result of their experience in loosing huge amount of money as it seems to be their first time and in some cases, they are being made to invest in such project by a fellow who have no idea about the project to be a scam and when the unfortunate happens that friend is also termed a scammer. This is why we need to be careful when advising newbies on crypto investment when we too have not done our own due diligence.

This is exactly what creates hatred for crypto in mind of so many people as we think they are jealous because they didn't adopt the crypto at the early day but this remains the hidden secret as most of them would have already tried investing into crypto and ended up on scam or else some of them gets into future trading without knowing the basics just by going through signals provided in Twitter and end up losing which creates negative image in the mind, iAs you mentioned they should do their own research or just get things clarified in this forum before indulging into such act.
hero member
Activity: 1428
Merit: 513
Payment Gateway Allows Recurring Payments
Yeah, most of the time it's hard to imagine how crypto investors simply believed anything they see on their Twitter, and criminals is known to be good at spoofing everyone, not just like this kind of impersonation. Since the advent of AI, there has also been a lot of impersonation in Youtube resulting in millions lost from this scammers and this is a very dangerous world that we live it.
AI has made life of scammers and hackers more easier therefore all of us should get more knowledge about these new scams, another thing is these scams are not new, because impersonation/eavesdropping is happening from a long time and hackers are doing it. But they are doing it in different and unique new ways, so we have to get familiar with them. To get more knowledge of it. Therefore one of the forum member (BenCodie ) made a request to the administrator of the forum to add a separate section of cyber security so that all of us could get to know about new scams and how to prevent them.

The idea is to get knowledge and aware of the new scams and follow the steps to prevent them. Actually these hackers do know that the number of crypto users has been increased due to this bullish cycle and all of these newcomers are newbie and they know nothing about the scams that's why they are the only ones (mostly would be great to write in place of only only ones but i like only ones here) who become victims of it.
legendary
Activity: 2268
Merit: 1379
Fully Regulated Crypto Casino
I did not imagine that Twitter links could convince people to click on them, especially after the possibility of purchasing verification, which in my opinion would make all accounts suspicious.
Well if you followed the real user of that account you woulndt be victimized. There are lots of scammers perfecting the imitation of the original account owner by huge followers and even style of posting. Well some really thought that they are the one and eventually noticed its not. Twitter should be strict on blue or verified accounts cause some uses fake profile to register or confirm.
hero member
Activity: 1428
Merit: 513
Payment Gateway Allows Recurring Payments
They use this two things as bait to lure potential victims. First it is easier to get a verified account now on X (formerly Twitter) because of the subscription service that Elon Musk is running now. Before only reputable individuals could get that verified accounts now scammers just buy the blue tick. The second thing is they gather more followers either by growing the account or by purchasing it. Then naive people will look at this number of followers and the blue tick and then start trusting the account. This one of the reason why buying accounts is frowned upon on this forum. We need to educate ourselves and others that large followers or adverts from celebrities shouldn’t be a yard stick to trust any information on social media.
You have made a good point. I also used to judge Twitter accounts on the basis of the blue tick and the number of followers. Even when I had to judge a platform for business purposes, I used to think, Hey, this platform has lots of Twitter followers; they must be famous, and this project might become successful, but at the end, truth comes in front of us. But now, as you said, this blue tick feature is the main cause of all of this shit, and another thing I have observed is that the creation of accounts has become easier now in the context of bans.

Because back then, when Twitter was Twitter, not X new accounts got banned instantly or after some time, but now X accounts don't get banned at that rate. Therefore, it has become easier for scammers to set up a new X account. This needs to stop, but who will stop them? All we can do is never trust the blue tick and high number of followers.

What I will say is never connect your wallet to any site, if you intend to connect your wallet make sure it is not a wallet that holds funds, so when it back fire you don’t lose your funds. In fact you shouldn’t have a significant amount of funds on a wallet that is on device that is online.
In this case, the situation was created in such a manner that people who had funds in their wallets had to connect with the website because the bug news must have shocked them and urged them to connect their wallets to a revoke website so that they could revoke all the connected sites, which is a good thing to do because even after we have disconnected the website or any connected site from our wallet, those websites still have access to our wallet until we use a website like the revoke website (real one) not the one being used by the scammer (a fake one) to revoke the overall access of the websites (to which we have connected our wallet in the past).
sr. member
Activity: 728
Merit: 421
This is why we are advised to do our own proper research before engaging so as not to fall victim to scams. It is good one verifies before doing anything further to save themselves of stress and heartbreak.

What annoys me most about these scams of a thing is that newbies are the victims and that makes them have a negative thought and mindset towards crypto as a result of their experience in loosing huge amount of money as it seems to be their first time and in some cases, they are being made to invest in such project by a fellow who have no idea about the project to be a scam and when the unfortunate happens that friend is also termed a scammer. This is why we need to be careful when advising newbies on crypto investment when we too have not done our own due diligence.
hero member
Activity: 2464
Merit: 519
Impersonation is becoming increasingly difficult to deal with. They provide everything necessary; similar twitter account, website, telegram handle, even coin with similar features. I would recommend that one not rush into putting funds, but instead take time to research (compare sites and browse online). You can search known websites such as coingecko and coinmarket, and then follow the link from the website.
legendary
Activity: 1596
Merit: 1288
I am really sure those fake accounts will have account creation date not too old and followers are mostly fake.
I have friends who take everything that comes from social media seriously, and they may believe all the links that tell you that you can become rich or that warn you of losing your money, especially if they come from people who seem to understand what they are saying and have many likes and retweets. I see that if the view number when it low and there are a lot of retweets, then something abnormal is definitely happening.
hero member
Activity: 2870
Merit: 594
Good that this website has been taken down and offline, but the criminals was able to run off initially with $50,000. And I felt sorry for those victims. So in any case that this kind of attacks resurfaces again, just be cautious though and check everything first before you go and click any link.
That's sad but I wonder sometimes how people fall prey to these scams, overall, hackers and scammers are putting real work like how they managed to arrange a Twitter account and website (which I know is not that hard for scammers) but point is if they are doing real work then we (future victims) should also put some real efforts to get education of all kinds of scams.
Yeah, most of the time it's hard to imagine how crypto investors simply believed anything they see on their Twitter, and criminals is known to be good at spoofing everyone, not just like this kind of impersonation. Since the advent of AI, there has also been a lot of impersonation in Youtube resulting in millions lost from this scammers and this is a very dangerous world that we live it.

We should double check everything before connecting our wallets I have learnt this thing that when you do things fast without confirming, without double checking, you become a victim. Therefore we should verify a news from multiple resources and should join some community where we can discuss on new matters and should remain active. At least this work we can do if we want to avoid such scams.
Maybe we can't really reiterate enough that in crypto world, we shouldn't just trust anyone but verify. But I guess this is going to be a expensive lessons for those who fall for this trick and hopefully next time they have learned from it. And for us, just be cautious as well and simply not connect anything without checking the links.
hero member
Activity: 868
Merit: 952
That's sad but I wonder sometimes how people fall prey to these scams, overall, hackers and scammers are putting real work like how they managed to arrange a Twitter account and website (which I know is not that hard for scammers) but point is if they are doing real work then we (future victims) should also put some real efforts to get education of all kinds of scams.

They use this two things as bait to lure potential victims. First it is easier to get a verified account now on X (formerly Twitter) because of the subscription service that Elon Musk is running now. Before only reputable individuals could get that verified accounts now scammers just buy the blue tick. The second thing is they gather more followers either by growing the account or by purchasing it. Then naive people will look at this number of followers and the blue tick and then start trusting the account. This one of the reason why buying accounts is frowned upon on this forum. We need to educate ourselves and others that large followers or adverts from celebrities shouldn’t be a yard stick to trust any information on social media.


Quote
We should double check everything before connecting our wallets I have learnt this thing that when you do things fast without confirming, without double checking, you become a victim. Therefore we should verify a news from multiple resources and should join some community where we can discuss on new matters and should remain active. At least this work we can do if we want to avoid such scams.

What I will say is never connect your wallet to any site, if you intend to connect your wallet make sure it is not a wallet that holds funds, so when it back fire you don’t lose your funds. In fact you shouldn’t have a significant amount of funds on a wallet that is on device that is online.
hero member
Activity: 1428
Merit: 513
Payment Gateway Allows Recurring Payments
Good that this website has been taken down and offline, but the criminals was able to run off initially with $50,000. And I felt sorry for those victims. So in any case that this kind of attacks resurfaces again, just be cautious though and check everything first before you go and click any link.
That's sad but I wonder sometimes how people fall prey to these scams, overall, hackers and scammers are putting real work like how they managed to arrange a Twitter account and website (which I know is not that hard for scammers) but point is if they are doing real work then we (future victims) should also put some real efforts to get education of all kinds of scams.

Last time there was a application on Microsoft's app store on Windows which causes a loss of huge amount of money, and now this.

We should double check everything before connecting our wallets I have learnt this thing that when you do things fast without confirming, without double checking, you become a victim. Therefore we should verify a news from multiple resources and should join some community where we can discuss on new matters and should remain active. At least this work we can do if we want to avoid such scams.
hero member
Activity: 1414
Merit: 670
I did not imagine that Twitter links could convince people to click on them, especially after the possibility of purchasing verification, which in my opinion would make all accounts suspicious.
How did scammers steal money? Did they link the wallet or did they ask users to enter the seeds because simply clicking on a phishing link is not enough to steal your money?
Twitter has been used so many times to scam innocent people. Actually, many newbies are entering the crypto market as they are buying and want to gain profit from the upcoming bull run. To do that, they are trying everything and following everyone so that they can get and know more about any asset or incident.

But what they don't want to do is put in their own manual work; they just want to join communities and follow others and don't want to do their own research. That's why they become a sitting duck for scammers and become victims of these scams.

For example, many people lost funds when they connected their wallets to a website to claim NFTs that were posted on Viatlik's main account after being hacked by the hackers. We all should have one basic rule in our minds: never trust any link coming from Twitter, and to revoke access, we have to connect our wallet, and that's what all victims did because they do have some knowledge to not share seed phrases but don't have enough knowledge to check things out first.
sr. member
Activity: 658
Merit: 441
Scammers are thinkers, they're always coming up with new ploy to deceive unsuspecting individuals. What a well thought out plan! The scammer disseminated a wrong information from a fake account, instructing users to revoke their wallets from Uniswap by clicking the link. And the victims complied, not knowing that they're actually granting their wallets access to a malicious website.

Lesson learnt: No matter how doxxed a person or an institution is, whenever you receive a message like this, don't be in a rush, always confirm the information before taking any course of action.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
This clearly shows that the scammers are always one step ahead. They impersonated someone whom everyone in Crypto trusts, so when he says to do something, they do.
Sad for those who lost nearly $50,000. Kudos to the scammer for being so innovative, creating an account with a similar name, and still not being flagged by Zachxbt himself.
The domain sounds original to be very honest like that's what it's meant to do.
Scammers are also adapting to new ways to scam innocent people. In order to protect our assets, we should never believe the first moment anyone says anything if finance is involved. If the other person is in a hurry, then something is actually fishy. Rule of thumb. Not just phishing sites, they are also using spoofed emails. These emails look exactly like the original emails, with a minor difference. And there was no way to identify if it was real or fake the first time. A funny thing happened to me once. I used one of my emails on a crypto related site. Some days later, I got a message from an exchange saying that my account might be compromised and I had to change my credentials, even though I don't have any accounts on that exchange. lol... Grin
legendary
Activity: 2002
Merit: 2534
The Alliance Of Bitcointalk Translators - ENG>SPA
This clearly shows that the scammers are always one step ahead. They impersonated someone whom everyone in Crypto trusts, so when he says to do something, they do.
Sad for those who lost nearly $50,000. Kudos to the scammer for being so innovative, creating an account with a similar name, and still not being flagged by Zachxbt himself.
The domain sounds original to be very honest like that's what it's meant to do.

The scammer could better use his/her creative skills in something more productive (not only for him I mean, because the loot was large...). I hope that those who were scammed could afford to lose that money. I wonder if the social media platform itself can be made responsible of the loss for not establishing more strict security measures.
copper member
Activity: 1498
Merit: 1619
Bitcoin Bottom was at $15.4k
This clearly shows that the scammers are always one step ahead. They impersonated someone whom everyone in Crypto trusts, so when he says to do something, they do.
Sad for those who lost nearly $50,000. Kudos to the scammer for being so innovative, creating an account with a similar name, and still not being flagged by Zachxbt himself.
The domain sounds original to be very honest like that's what it's meant to do.
hero member
Activity: 798
Merit: 702
This scammer really doesn't know when to stop, and even with the awareness created about this form of scam to educate people on how to detect and avoid falling victim, they still come back with different methods, and most people really find it difficult to understand or notice a fake when they see one.
 
Impersonation is no longer a new form of scam on social media and the internet at large. That's why we highly advise people not to always use Google search engines or social media search bots to search for an account or website that they are looking for, because they might not be able to differentiate the clone from the real and at the same time might fall victim to a phishing site by just making the mistake of clicking on the wrong link.
 
It's always advisable for one to follow and bookmark the website and account they want to get legit information from; that's pages that they are sure are legit and that's gotten from the right source. It's always good to save and bookmark, as it reduces the chance of one getting scammed as a result of searching for a user account.
member
Activity: 66
Merit: 5
Eloncoin.org - Mars, here we come!
Empathetically I feel the pain of those scammed I mean I can't blame any victim for this scams because I have seen clone sites look almost exactly the same the difference can be very slight e.g Jumia.com a shopping site in Nigeria and this false Jumie.com. difference of a&e very small to notice.
And I have seen some site clone directly like have a site inside another site. most time it's only developers that can understand the error.
This scams occur regularly so it is a good idea to share with us to create awareness. in part of impersonation its a reoccurring event even on social media I see comedians being impersonated and the fake account even tend to be more real than the original, have more followers than that of the original comedian etc. We should just be more careful to find the original sites and accounts we are dealing with period.
hero member
Activity: 1722
Merit: 801
Rather than revoke smart contract approval and access to their wallets, they will lose tokens to those phishing sites.

There are three solid websites to revoke smart contract approval
https://app.unrekt.net/
https://revoke.cash/
https://etherscan.io/tokenapprovalchecker

The fake accounts on X (Twitter) can be easily detected with audit score for followers.
https://www.twitteraudit.com/
https://www.followeraudit.com/

I am really sure those fake accounts will have account creation date not too old and followers are mostly fake.
hero member
Activity: 714
Merit: 521
DGbet.fun - Crypto Sportsbook
There were reports of another scam attack thru impersonation, but this time it's different, they uses blockchain analytics or crypto fraud investigation firms and researchers, like CertiK, ZachXBT, and Scam Sniffer to fabricate that there was such breaches on Uniswap and OpenSea.

So to impersonate, this cyber criminals a Twitter name that resembles the legit ones. For example,

ZachXBT has the account @zachxbt, while the criminals created and tweeted from @zacheryxbt.



And after you click, you will be redirected to two websites:

Code:
http://revoketokens.io/
Code:
http://revokea.sh/

Good that this website has been taken down and offline, but the criminals was able to run off initially with $50,000. And I felt sorry for those victims. So in any case that this kind of attacks resurfaces again, just be cautious though and check everything first before you go and click any link.

https://www.bleepingcomputer.com/news/security/fraudsters-make-50-000-a-day-by-spoofing-crypto-researchers/

The moment we begin with the realization of the needs to always make satisfactory research and verification on anything we see online, that same time will be how we will be one more step faraway from being attacked.

Impersonation is a common means of attacking people and is one of the old times means they use to scam newbiew and those that don't pay attention to details by checking everything they see online before accepting their authenticity, they try to act in place of the intended organization in other to deceive being the official sites, agents or representative thereby sending unsolicited physhing links with the aim to attack through a malicious means.
full member
Activity: 728
Merit: 151
Defend Bitcoin and its PoW: bitcoincleanup.com
There were reports of another scam attack thru impersonation, but this time it's different, they uses blockchain analytics or crypto fraud investigation firms and researchers, like CertiK, ZachXBT, and Scam Sniffer to fabricate that there was such breaches on Uniswap and OpenSea.

So to impersonate, this cyber criminals a Twitter name that resembles the legit ones. For example,

ZachXBT has the account @zachxbt, while the criminals created and tweeted from @zacheryxbt.



And after you click, you will be redirected to two websites:

Code:
http://revoketokens.io/
Code:
http://revokea.sh/

Good that this website has been taken down and offline, but the criminals was able to run off initially with $50,000. And I felt sorry for those victims. So in any case that this kind of attacks resurfaces again, just be cautious though and check everything first before you go and click any link.

https://www.bleepingcomputer.com/news/security/fraudsters-make-50-000-a-day-by-spoofing-crypto-researchers/
why do we still fall for these kinds of schemes, this thing has happened before and is not new in the internet space, before email spoofing where they send a message saying they have to pay a certain SI or sales invoice, and since the email name looks legit they process the transaction, without looking at the email header
See the example:

The green and the red should be the same if they are not the same you should not process anything or don't even click a link
so we are better aware of this, clearly, they have evolved how they are going to trick people, so we better also evolve for our protection by being vigilant and careful, double check everything or checking it multiple times like how we transfer funds, before processing or clicking something to avoid this kind of thing from happening.
hero member
Activity: 2520
Merit: 783

Good that this website has been taken down and offline, but the criminals was able to run off initially with $50,000. And I felt sorry for those victims. So in any case that this kind of attacks resurfaces again, just be cautious though and check everything first before you go and click any link.

https://www.bleepingcomputer.com/news/security/fraudsters-make-50-000-a-day-by-spoofing-crypto-researchers/
This is a simple example of "don't be in a hurry when surfing the internet", Many times people fall into this impersonated sites similarity scam is mainly when they are in a hurry, not frugally paying attention to what they are clicking. They just assume since the site  has the letters they are familiar with so therefore it should be exact site they are clicking.

It's a pity a woofing $50k was lost by individuals to this scam before it was discovered , however, better late than never. For sure this action will continually surface which is why the caveat should be on us that targeted users be cautious, attentive, never get tired/bored of cross checking a site eaxh time you are to use/click on it if it's the actual site you intend to use.

Don't let laziness cause you your fortune.

People need to consider that this impersonation exist and they need to do extra effort to make their self safe by researching the real companies or person that they want to deal so that they would not be scammed by those people who use this technique to scam people. Researching will not cost a lot of time so much better for newbies to exert some little efforts to locate those legit and directly send a message to them. They also need to remember that a legit corporation will not pm them first but rather you will be the one who would approach them. Since if someone will send you a private message then tag it as scam and avoid so that we will not fall on their scams.

Being lazy will give us a huge benefit but rather it will just give us a headache and financial loss that's why to avoid it better if we could just do a research on everything we do since its important if we know how this people work so that we are away for any type of scamming.
sr. member
Activity: 700
Merit: 470
Hope Jeremiah 17vs7
$50,000 wow but it's dissappointing how we humans will just put high hopes on someone and never ever try to consider anything they say again if it's false, like if these individuals are gods themselves or being cautious of impersonation online on those they follow. It's dissappointing but this will continue but if anyone in this Forum falls victim then they should really be ashamed because one thing I have learnt from this forum is that the Internet is not always a safe place.
hero member
Activity: 938
Merit: 605
Leading Crypto Sports Betting & Casino Platform

Good that this website has been taken down and offline, but the criminals was able to run off initially with $50,000. And I felt sorry for those victims. So in any case that this kind of attacks resurfaces again, just be cautious though and check everything first before you go and click any link.

https://www.bleepingcomputer.com/news/security/fraudsters-make-50-000-a-day-by-spoofing-crypto-researchers/
This is a simple example of "don't be in a hurry when surfing the internet", Many times people fall into this impersonated sites similarity scam is mainly when they are in a hurry, not frugally paying attention to what they are clicking. They just assume since the site  has the letters they are familiar with so therefore it should be exact site they are clicking.

It's a pity a woofing $50k was lost by individuals to this scam before it was discovered , however, better late than never. For sure this action will continually surface which is why the caveat should be on us that targeted users be cautious, attentive, never get tired/bored of cross checking a site eaxh time you are to use/click on it if it's the actual site you intend to use.

Don't let laziness cause you your fortune.
hero member
Activity: 630
Merit: 510
I did not imagine that Twitter links could convince people to click on them, especially after the possibility of purchasing verification, which in my opinion would make all accounts suspicious.
How did scammers steal money? Did they link the wallet or did they ask users to enter the seeds because simply clicking on a phishing link is not enough to steal your money?
hero member
Activity: 1526
Merit: 555
There were reports of another scam attack thru impersonation, but this time it's different, they uses blockchain analytics or crypto fraud investigation firms and researchers, like CertiK, ZachXBT, and Scam Sniffer to fabricate that there was such breaches on Uniswap and OpenSea.

So to impersonate, this cyber criminals a Twitter name that resembles the legit ones. For example,

ZachXBT has the account @zachxbt, while the criminals created and tweeted from @zacheryxbt.



And after you click, you will be redirected to two websites:

Code:
http://revoketokens.io/
Code:
http://revokea.sh/

Good that this website has been taken down and offline, but the criminals was able to run off initially with $50,000. And I felt sorry for those victims. So in any case that this kind of attacks resurfaces again, just be cautious though and check everything first before you go and click any link.

https://www.bleepingcomputer.com/news/security/fraudsters-make-50-000-a-day-by-spoofing-crypto-researchers/
Jump to: