Twitter phishing attack, automatically detecting post content, targeting newcomers unfamiliar with crypto wallets!
Due to the increasing number of users in digital currencies, cryptocurrency scams are also on the rise. Recently, a new phishing method has emerged on Twitter, where automated bots scan users' tweets, and if specific keywords are detected, they automatically reply with scam messages, aiming to steal users' cryptocurrency wallet information.
Table of Contents
Twitter Wallet Phishing Attacks
According to the foreign media outlet BleepingComputer, cryptocurrency scams on Twitter are becoming more diverse, no longer limited to the common "send 1 BTC, get 10 BTC back" schemes. Scammers are now targeting not just the cryptocurrencies in users' wallets, but the entire wallet itself.
BleepingComputer found that scam groups are monitoring all public posts on Twitter using the Twitter API. If a Twitter post contains words seeking help like support, help, or assistance, along with keywords related to crypto wallets such as MetaMask, Phantom, Yoroi, or Trust Wallet, the post will receive a reply from scam bots within seconds of being published.
https://twitter.com/Cerberus955/status/1467951620478672896
Responses mainly come in two forms; most bots pretend to be victims facing the same issues and post a form to collect the problems users are encountering. Alternatively, they may mention an Instagram account in the comments, claiming that the account can help solve the problem. The forms vary widely, from simple Google forms to more professional-looking ones. However, their ultimate goal is to steal users' wallet backup phrases (Recovery Phrase). To calm the victims' concerns, they emphasize that the user's backup phrase will be encrypted in the cloud.
This scam is primarily aimed at detecting newcomers unfamiliar with cryptocurrency wallets who may panic when faced with problems, leading them to make impulsive decisions. Once the form is submitted, it signifies that the user's wallet assets will be emptied by the scammers.
Twitter's Official Response
"Using fraudulent means to obtain money or private financial information on Twitter violates our policies, including through automated means. We will take appropriate enforcement action and continue to swiftly take action as cryptocurrency scams evolve on the platform," Twitter responded to BleepingComputer.
However, it appears that this issue has not yet been resolved. Any new Twitter account that posts "I need Metamask assistance" or similar posts will receive several phishing replies within seconds. Readers are advised to securely store their wallet backup phrases and never disclose them to anyone.
Related
- Trump family members' Twitter accounts targeted in phishing attack using World Liberty Financial scam
- Brick Mover Sentenced for Fraud! Taiwan Ton Ecosystem Member Receives Five Years Probation, Highlighting Regulatory Gaps in Virtual Asset Management Companies
- "Money Laundering Machine" Hualien City Representative Chairman Collaborates with Coin Merchants, Laundering Millions of New Taiwan Dollars in Virtual Currency.