December 20, 2023 at 03:18PM
Cryptocurrency scammers are exploiting a Twitter feature that allows modifying the account name in post URLs. This lets a link that appears to belong to a high-profile account redirect to an unrelated post, leading to fraudulent crypto giveaway promotions and phishing attempts. Scammers have targeted crypto-related accounts like Binance and zkSync. Users can mitigate the risk with Twitter’s Quality Filter but should remain vigilant.
Scammers are leveraging a feature on X (formerly Twitter) to promote cryptocurrency scams and fake giveaways. They are exploiting the website’s URL structure to redirect users to posts that appear to be from legitimate accounts, but actually lead to unrelated tweets promoting fraudulent activities. Notably, scammers are impersonating high-profile crypto-related organizations such as Binance, Ethereum Foundation, zkSync, and Chainlink. The scams involve fake crypto giveaways, websites draining wallets, and Discord channels promoting pump-and-dump schemes.
It is important for users to be cautious, as the scammers are creating accounts with names that mimic the legitimate organizations by adding a fixed set of digits to the end of the account name. This makes it challenging to differentiate between legitimate and fake tweets, especially on mobile where the address bar may not be visible.
While there is a quality filter available on X, enabling it may result in the filtering of legitimate tweets. Hence, users are advised to be vigilant and verify the source of the tweet before engaging with any content on the platform.
Given that the URL redirect feature on X is standard behavior and unlikely to be changed for security reasons, it is crucial for users to manually inspect the URL and ensure they are visiting the intended tweet. This information will be important for users and stakeholders to stay vigilant and informed about the potential risks associated with these scams on X.
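The manual URL check described above can be scripted. The following is an added example, not code from the original page: it compares the account name in a link as shared with the account name in the address reached after the redirect, and flags an author whose handle is a watched name plus trailing digits. The `/<handle>/status/<id>` path layout, the host list, the watch-list handles and the sample URLs are assumptions or constructed values.

```python
import re
from urllib.parse import urlsplit

# Assumption: hosts that serve X/Twitter post links.
X_HOSTS = {"twitter.com", "www.twitter.com", "mobile.twitter.com",
           "x.com", "www.x.com"}
# Illustrative watch list based on organisations named in the article.
WATCHED = {"binance", "zksync", "chainlink"}

# Handles are at most 15 characters: letters, digits, underscore.
STATUS_PATH = re.compile(r"^/([A-Za-z0-9_]{1,15})/status/(\d+)/?$")


def parse_status_url(url):
    """Return (handle, status_id) for a post URL, or None if it is not one."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if parts.scheme != "https" or host not in X_HOSTS:
        return None
    m = STATUS_PATH.match(parts.path)
    return (m.group(1).lower(), m.group(2)) if m else None


def lookalike_of(handle):
    """Return the watched name that `handle` copies with trailing digits."""
    base = handle.rstrip("0123456789")
    return base if base != handle and base in WATCHED else None


def check_link(shared_url, resolved_url):
    """Compare a link as shared with the address shown after the redirect.

    `resolved_url` is passed in so the check runs offline; in practice it
    is the final address the browser or an HTTP client lands on.
    """
    shared = parse_status_url(shared_url)
    resolved = parse_status_url(resolved_url)
    if shared is None or resolved is None:
        return ["not-a-post-url"]
    findings = []
    if shared[1] != resolved[1]:
        findings.append("status-id-changed")
    if shared[0] != resolved[0]:
        # The link named one account but the post belongs to another.
        findings.append(f"author-mismatch:{shared[0]}->{resolved[0]}")
    copied = lookalike_of(resolved[0])
    if copied:
        findings.append(f"lookalike:{copied}")
    return findings
```

An empty list means the shared link and the resolved address name the same account and post.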