This Monday, more than a dozen verified accounts were hacked into by scammers impersonating Elon Musk. The scammers claimed that they were giving away 10,000 Bitcoin(BTC) after resigning from the job of being the director of Tesla.
“I’m giving 10 000 bitcoin (BTC) to all community! I left the post of director of Tesla, thank you all for your support! I decided to make the biggest crypto-giveaway in the world, for all my readers who use Bitcoin. Participate in giveaway - musk.plus”
On Monday, Twitter users began to spot some bizarre posts seemingly from Musk’s verified Twitter account. When they clicked the link to the giveaway, they were instructed to transfer 0.1 to 3 BTC (valued currently at about $640-$19,000) to a wallet for address verification. In return, they were promised to be given 1-30 BTC (valued currently at $6,400-$192,000). Through this scam, the perpetrators have received more than $180,000 from 400 people. Dozens of people sent the bare minimum of 0.1 BTC requested by the tweet while some sent as much as 0.5, 0.75 and 0.9995 BTC (equivalent to more than $6000).
Amongst the compromised accounts are US publisher Pantheon Books, UK retailer Matalan and two democratic members of Congress who were up for re-election on Tuesday. On their pages, the deception was carried out by changing the image and display name to Musk’s and having the blue ‘verified’ checkmark to the right.
To give them further credence, the hackers seem to have used other compromised accounts, such as Flex Watches and Philippines’s National Disaster Risk Reduction and Management Council, to post comments on the fake Elon Musk tweet. Some of the comments include: “+40 BTC, thank you! For me it is a lot of money!”, “+25 BTC, I LOVE YOU ELON!”. Michigan Rep. Brenda Lawrence’s account also seems to have been hacked as a comment from that account on a fake tweet from Rep. Pallone’s account said: “I sent 2.7 BTC and got back 54 BTC!”. The tweets seem to have been taken down now.
A closer look at the details would clearly show, however, that the tweets were not from Musk. Instead of having ‘@elonmusk’ to the right of the blue checkmark, the profile name varied depending on the account that was compromised.
For the past year, Musk has been a target for impersonation on Twitter due to his influence in the sphere of technology. A common mode of attack by scammers is to disguise their accounts so that it looks like that of Musk’s. Then, they reply to his real tweets with fake cryptocurrency offers, making it seem as if it is all part of the same thread. This mode of scamming became so popular that Twitter began to lock accounts if they tried to change their display names to ‘Elon Musk’ without mobile verification. Scammers, however, continue to be one step ahead of the IT team by using other characters that result in the display name seeming to be “Elon Musk” at first glance.
A Twitter spokesperson refrained from commenting on the individual accounts but offered the following statement instead:
“Impersonating another individual to deceive users is a clear violation of the Twitter Rules. Twitter has also substantially improved how we tackle cryptocurrency scams on the platform. In recent weeks, user impressions have fallen by a multiple of 10 in recent weeks as we continue to invest in more proactive tools to detect spammy and malicious activity. This is a significant improvement on previous action rates.”
Musk has not commented on this week’s scam impersonations.