{"id":25381,"date":"2023-01-10T13:04:04","date_gmt":"2023-01-10T18:04:04","guid":{"rendered":"https:\/\/www.kaspersky.co.uk\/blog\/twitter-fake-crypto-scheme\/25381\/"},"modified":"2023-05-09T20:30:18","modified_gmt":"2023-05-09T19:30:18","slug":"twitter-fake-crypto-scheme","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.uk\/blog\/twitter-fake-crypto-scheme\/25381\/","title":{"rendered":"How scammers steal cryptocurrency from Twitter users"},"content":{"rendered":"<p>The best way to avoid falling for scams is to always think critically, even skeptically.<\/p>\n<p>What would you do, say, if someone sent you a DM on Twitter with the login credentials for some cryptocurrency account asking for help to withdraw money from it?<\/p>\n<p>The right thing to do would be to ignore the message. But maybe, just maybe, it\u2019s for real? What if this is your chance to get rich? Together let\u2019s take a look at what doesn\u2019t smell right and list all the red flags, especially since Kaspersky experts <a href=\"https:\/\/usa.kaspersky.com\/about\/press-releases\/2023_new-spam-campaign-steals-users-cryptocurrency-on-popular-social-media-network\" target=\"_blank\" rel=\"noopener\">recently discovered<\/a> a spam campaign of this type.<\/p>\n<p>First, let\u2019s take a look at a screenshot of the message:<\/p>\n<div id=\"attachment_46745\" style=\"width: 950px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2023\/01\/10181530\/twitter-fake-crypto-scheme-1.png\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-46745\" class=\"size-full wp-image-46745\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2023\/01\/10181530\/twitter-fake-crypto-scheme-1.png\" alt=\"Great news. You're rich! But hang on a sec...\" width=\"940\" height=\"940\"><\/a><p id=\"caption-attachment-46745\" class=\"wp-caption-text\">Great news. You\u2019re rich! 
But hang on a sec\u2026<\/p><\/div>\n<p>A stranger on Twitter sends you the credentials supposedly for the account of a certain Adam on some cryptocurrency platform that they say holds a six-figure amount. The sender apparently needs your help to withdraw this amount.<\/p>\n<p>Surprisingly, if you go to the site and enter the credentials, you will be taken to an actual personal account containing the amount specified or thereabouts. But we haven\u2019t yet sniffed out the fraud.<\/p>\n<div id=\"attachment_46744\" style=\"width: 1200px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2023\/01\/10181607\/twitter-fake-crypto-scheme-2.png\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-46744\" class=\"size-full wp-image-46744\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2023\/01\/10181607\/twitter-fake-crypto-scheme-2.png\" alt=\"While we were logging in to the site, Adam just got $90,000 richer.\" width=\"1190\" height=\"900\"><\/a><p id=\"caption-attachment-46744\" class=\"wp-caption-text\">While we were logging in to the site, Adam just got $90,000 richer.<\/p><\/div>\n<h2>Think critically and look for red flags<\/h2>\n<p>\nLet\u2019s start with the basics: if you had a few hundred thousand dollars, would you ask a complete stranger to help manage it? No? And no one else in their right mind would! This reasoning alone is enough to consign the message (and all other 419 fraud spam) to the trash can.<\/p>\n<p>But our task is to investigate all the red flags, so let\u2019s find a reason to carry on: suppose circumstances have indeed forced a complete stranger to seek help and their choice has landed on you. 
What else looks out of place?<\/p>\n<div id=\"attachment_46746\" style=\"width: 942px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2023\/01\/10181643\/twitter-fake-crypto-scheme-3.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-46746\" class=\"size-full wp-image-46746\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2023\/01\/10181643\/twitter-fake-crypto-scheme-3.jpg\" alt=\"What a popular account our mystery benefactor has!\" width=\"932\" height=\"721\"><\/a><p id=\"caption-attachment-46746\" class=\"wp-caption-text\">What a popular account our mystery benefactor has!<\/p><\/div>\n<p>First, let\u2019s get to know the anonymous do-gooder a bit better. Their Twitter account has precisely zero followers, and they follow the exact same number of other accounts: another clear red flag, since the whole point of creating a social media account is to communicate and follow others.<\/p>\n<p>Second, our counterparty is not sociable: we tried sending them messages, but got no response for a week. That\u2019s also a red flag, indicating that the message is a mass mailing, which means that tens, hundreds, even thousands of people were sent the same username and password. How many of them do you think already tried to log in?<\/p>\n<p>Third, a reddish flag this one, the username and password suggest the user is called Adam (\u201cAdam\u2019s\u201d password, incidentally, is rather weak), while the Twitter handle the message came from has nothing to do with any Adam. Is it that our counterparty wants to get us to empty a hijacked cryptocurrency account and make us a partner in crime?! (Actually there is no cryptocurrency at all in this account, but more about that later.)<\/p>\n<p>Lastly, experts will spot another red flag \u2014 a space in the URL of the site where the cryptocurrency is supposedly located. 
This is how scammers try to bypass security in the e\u2011mail account where you are notified about a new message on Twitter.<\/p>\n<p>After you actually go to the site, the red flags pop up one after another: the design is simple and slapdash, and googling the domain name serves up only results about scams. A real, even little-known cryptocurrency exchange would surely have some reviews in media or on forums. This one has none, which screams the word \u201cfake.\u201d<\/p>\n<p>And that\u2019s even before we get to the killer red flag, exposing the whole essence of the scam.\n<\/p>\n<h2>Paying to withdraw cryptocurrency<\/h2>\n<p>\nIt turns out that in order to withdraw funds outside the platform, one more password is required: a so-called Trade key, which no one gave us. But it is possible to transfer money within the platform itself, for which you need to create a new account with VIP status and fill it up with Adam\u2019s money. That done, we\u2019ll be able to withdraw it without a hitch, because we have all the necessary passwords, right?<\/p>\n<div id=\"attachment_46743\" style=\"width: 1190px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2023\/01\/10181714\/twitter-fake-crypto-scheme-4.png\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-46743\" class=\"size-full wp-image-46743\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/86\/2023\/01\/10181714\/twitter-fake-crypto-scheme-4.png\" alt=\"Feel like a Very Idiotic Person\" width=\"1180\" height=\"1090\"><\/a><p id=\"caption-attachment-46743\" class=\"wp-caption-text\">Feel like a Very Idiotic Person<\/p><\/div>\n<p>To get VIP status, you need to deposit some money to the new account by giving your cryptocurrency wallet details. 
When you do, there\u2019ll be nothing to withdraw anyway, while your own wallet will be bled dry using the credentials kindly provided by you.<\/p>\n<p>The platform itself is just a phishing site, with no whiff of cryptocurrency. In the recent campaign, scammers set up several such sites and sent out login details to various Twitter accounts.<\/p>\n<p>As for the \u201ccryptocurrency platform,\u201d there are two suspicious signs. First, cryptocurrency is never sent by the give-us-your-wallet-details method; rather you receive a payment address to send the required amount to from your wallet interface. Second, no financial platform worthy of the name would ask you to use third-party funds for handling money already on it. Charge a transfer fee, be our guest, but demand payment using one card to withdraw money from another? That\u2019s downright weird.<\/p>\n<p>And we haven\u2019t even mentioned the bad English and crooked layout \u2014 the ever-present hallmarks of phishing sites.\n<\/p>\n<h2>How to avoid phishing nets<\/h2>\n<p>\nSo as not to fall victim, you need to understand how scammers work and be able to spot all the inconsistencies. To that end, we have identified all the red flags in the above cryptoscam.\n<\/p>\n<blockquote>\n<h4>Questions to ask yourself when confronted with any juicy offer are:<\/h4>\n<ul>\n<li>Why is a complete stranger asking me for help and not someone they know?<\/li>\n<li>Could it be a bot?<\/li>\n<li>Isn\u2019t it odd that they don\u2019t reply?<\/li>\n<li>Does the message look suspicious (for example, in the domain name mentioned there\u2019s a space for fooling mail filters)?<\/li>\n<li>What sort of site am I being asked to visit? 
What are people saying about it online?<\/li>\n<li>Do its design and interface inspire trust (sure, half of all websites don\u2019t, but you don\u2019t use them for sending money, right)?<\/li>\n<li>Does what you\u2019re being asked to do seem logical?<\/li>\n<li>Is it normal to have to pay using third-party funds to perform transactions with money already on the platform?<\/li>\n<li><strong>Am I being hurried so that I let my guard down?<\/strong><\/li>\n<li><strong>Does it sound too good to be true?<\/strong><\/li>\n<\/ul>\n<p>By taking a deep breath and answering these questions for yourself, you will better understand what is going on and not lose your head over the thought of easy money that seems so close.<\/p><\/blockquote>\n<p>\nThe abundance of red flags in this case clearly indicates you\u2019re dealing with scammers. But even just one should be enough to alert you. Even if such a message came not from a random user, but from a friend, you should still be vigilant: who knows, maybe your friend was hacked?<\/p>\n<p>Sadly, scammers thrive because even vigilant people are human, and sometimes swallow well-crafted bait. 
So it\u2019s better to adopt a belt-and-braces approach and use a reliable <a href=\"https:\/\/www.kaspersky.co.uk\/premium?icid=gb_bb2022-kdplacehd_acq_ona_smm__onl_b2c_kdaily_lnk_sm-team___kprem___\" target=\"_blank\" rel=\"noopener\">security solution<\/a> that spots suspicious links and blocks access to fraudulent sites.<\/p>\n<p>And be sure to read our <a href=\"https:\/\/www.kaspersky.com\/blog\/how-to-protect-yourself-from-phishing\/42317\/\" target=\"_blank\" rel=\"noopener nofollow\">blog post about how to protect yourself from phishing<\/a> \u2014 a very useful skill that will guard against a variety of troubles.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"premium-crypto-generic\">\n","protected":false},"excerpt":{"rendered":"<p>How to know if you\u2019re facing a scam: we identify all the red flags in a recent scam that deployed a fake cryptocurrency exchange<\/p>\n","protected":false},"author":696,"featured_media":25383,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,2026],"tags":[1922,80,701,529,131,83],"class_list":{"0":"post-25381","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-threats","9":"tag-cryptocurrencies","10":"tag-fraud","11":"tag-scam","12":"tag-threats","13":"tag-tips","14":"tag-twitter"},"hreflang":[{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/twitter-fake-crypto-scheme\/25381\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/twitter-fake-crypto-scheme\/25057\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/twitter-fake-crypto-scheme\/20549\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/twitter-fake-crypto-scheme\/10375\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/twitter-fake-crypto-scheme\/27637\/"},{"hreflang":"es-mx","url":"https:\/\
/latam.kaspersky.com\/blog\/twitter-fake-crypto-scheme\/25698\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/twitter-fake-crypto-scheme\/28257\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/twitter-fake-crypto-scheme\/27505\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/twitter-fake-crypto-scheme\/34486\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/twitter-fake-crypto-scheme\/11222\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/twitter-fake-crypto-scheme\/46741\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/twitter-fake-crypto-scheme\/19977\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/twitter-fake-crypto-scheme\/20552\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/twitter-fake-crypto-scheme\/29651\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/twitter-fake-crypto-scheme\/33090\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/twitter-fake-crypto-scheme\/28705\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/twitter-fake-crypto-scheme\/25738\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/twitter-fake-crypto-scheme\/31422\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/twitter-fake-crypto-scheme\/31133\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.uk\/blog\/tag\/fraud\/","name":"fraud"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/25381","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/users\/696"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/comments?post=25381"}],"version-history":[{"count":
7,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/25381\/revisions"}],"predecessor-version":[{"id":25939,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/posts\/25381\/revisions\/25939"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/media\/25383"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/media?parent=25381"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/categories?post=25381"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.uk\/blog\/wp-json\/wp\/v2\/tags?post=25381"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}