It’s simple – the attackers put pressure on the greed of people who want to get money literally out of thin air. It looks something like this:
The victim receives a private message on Twitter. In it, the fraudster says that the user has won a certain amount in cryptocurrency, for which you need to click on the link to the crypto exchange and activate the promo code. To attract the victim’s attention and lull her vigilance, attackers offer “prizes” in Bitcoin and Ethereum, trying not to use unknown tokens;
The victim obediently follows the link and activates the code, after which the amount of the “prize” is credited to her account on the exchange.
The user is trying to withdraw cryptocurrency to his wallet in order not to keep it on the exchange. This is where all the fun begins. First, the scammers ask to confirm the email address – so they again try to lull the victim’s attention, make her believe that the site is real. And as a bonus, they receive the user’s email address in order to try again in the future to deceive the gullible lover of free cryptocurrency. After the victim enters the address of his Bitcoin wallet, the withdrawal status of the “won” cryptocurrency changes to “Waiting”. Here you can see the first puncture of scammers – usually exchanges process transactions instantly, without requiring confirmation.
The withdrawal status changes to “Failed”, after which the victim is asked to deposit 0.02 BTC or 0.3 ETH for verification on the exchange and confirmation of the withdrawal. If the victim believes this and sends his cryptocurrency, the withdrawal status does not change in any way, and the attackers celebrate another victory.
Bonus step. Sometimes scammers try not only to rob the victim, but also to collect her personal data, justifying this by additional verification on the exchange. Usually, the victim is required to upload a photo of a driver’s license, passport, social security number or other identity document.
How to recognize a crypto fraudster on Twitter?
It’s not difficult, it’s important to remember a few simple things:
The sentence is too good to be true. If someone suddenly offers you a huge amount of cryptocurrency, then you should think twice before clicking on the links in the message;
They write to you about winning a contest that you haven’t even heard of. In this case, how did you manage to win the prize mentioned in the message?
The website of the crypto exchange indicated in the message appeared quite recently or is extremely unpopular. Remember, little–known crypto exchanges are one of the most unreliable and often used by attackers;
The Twitter account you received the message from is brand new. Everything is clear here – if a stranger with three subscribers and an account created yesterday offers you a bunch of cryptocurrencies, then you definitely shouldn’t trust him;
Someone is trying to impersonate a well-known person in the crypto community, an employee of Twitter or a crypto exchange.
Let’s summarize the results
As you understand, it is not so difficult to identify a crypto fraudster on Twitter, since they give themselves away, offering victims insane amounts in cryptocurrency for participating in non-existent contests. Keep in mind that free cheese happens only in a mousetrap and no one will just offer you a lot of money in cryptocurrency just like that.