The moment Elon Musk posts something on Twitter, some scammers running different crypto scams respond to his tweets and try to steal some attention — and also money from his followers — by impersonating him. Bad actors use deceptive tactics such as using the same profile photo of the Tesla and SpaceX CEO that he has on his official account and his profile name, but with some fancy fonts. Interestingly, the accounts also have the ‘Verified’ mark to easily pretend to be Musk, who, of course, has the blue tick on his account.
Scammers use a link along with a brief tweet in response to Elon Musk’s tweets to get noticed by his millions of followers. The link often takes users to a malicious website that ultimately aims to steal money.
Gadgets 360 has noticed that crypto scammers have taken a new pace in impersonating Elon Musk and using Twitter for their campaigns in the recent past — especially after the billionaire showed his immense interest in crypto assets including Bitcoin, Ether, and Dogecoin and his (now discarded) plans of joining of the Twitter board.
People have also started giving more focus to these scams — unknowingly — since Musk’s tweets have influenced trading decisions in the crypto market.
On Saturday, Musk himself acknowledged the impersonating account issue on Twitter.
“Now subtract crypto scam accounts that Twitter constantly shows as ‘real’ people in everyone’s feed,” he tweeted in response to a tweet showing the growth of Twitter users over the last 11 years.
Since scammers use mostly the same profile photos that Musk has on his account and his name, it becomes difficult to determine their legitimacy at first glance. The accounts are also verified — making it even harder for some users to realise these are scammer accounts.
Experts believe that in most cases, scammers hack verified accounts that don’t have many followers — at least not at par with Musk who has over 81.1 million followers on the platform. Once they get the verified account, they change the name and profile picture to make them appear like Musk’s account.
“What scammers do is go to an actual Elon Musk’s tweet and then post a reply — that way a casual reader skimming the thread on Twitter will see the original Musk’s tweet,” said Noah Giansiracusa, Assistant Professor of Mathematics and Data Science at Bentley University, who recently wrote a book called “How Algorithms Create and Prevent Fake News” to point out challenges in using AI and human moderation to restrict false content online.
“Users will then see what looks like a follow-up comment by him, but that’s really the reply from the hacked verified account of a different user who has changed the name and profile picture to look like Musk’s.”
Giansiracusa added that users can understand the difference between a scam and a genuine tweet by looking at the handle that follows the ‘@’ sign of the account from where the tweet is posted rather than its name and profile photo. However, he underlined that it is so easy to accidentally overlook it even if someone has that knowledge.
These scams are not new as they were well reported by various international news outlets including BBC in the past. Some users even lost a vast amount of their money due to scammers impersonating Musk and running different tricks.
Last year, the US Federal Trade Commission (FTC) reported that users lost over $2 million (roughly Rs. 15.21 crore) in crypto to scammers impersonating Musk in a six-month period starting October 2020.
Twitter has apparently been aware of the problem for quite some time. In 2018, the company said in a media statement that it is taking steps to reduce crypto scams on its platform.
However, the problem has apparently not yet been addressed to a large extent.
The impersonation policy says that users “may not impersonate individuals, groups, or organisations to mislead, confuse, or deceive others, nor use a fake identity in a manner that disrupts the experience of others on Twitter.”
Similarly, the platform manipulation and spam policy says that users “may not use Twitter’s services in a manner intended to artificially amplify or suppress information or engage in behaviour that manipulates or disrupts people’s experience on Twitter.”
Violating any of these two policies does not explicitly mean that users will no longer be able to access their accounts. Twitter may require certain edits on the profile that is impersonating an individual or an organisation or temporarily suspend the account.
In particularly the case of the manipulation and spam policy violation, Twitter says that “consequences for violating this policy depend on the severity of the violation as well as any previous history of violations.”
Twitter does have the conditions in place that could consider removing the ‘Verified’ status from any accounts that received changes, which are “misleading or substantially alter the persona present on your account,” as per the details available on its Help Centre. It, however, does not take that action for all such accounts.
The tweets running scams were pulled shortly after they gained some attention on the platform, though the accounts were still active with the ‘Verified’ badge at the time of filing this article. The accounts, however, had no profile photos and different names to show a clear distinction from Musk’s official account.
Having said that, some users were able to not differentiate scammers originally and posted their concerns on Twitter. A few of them, though, red flagged them by categorically calling the responses scams. Some users also raised concerns to Musk since he now also has the authority to integrate user feedback within the platform.
#ElonMusk while you help create an edit button for Twitter can you also get rid of these scammer bots that scammed people by the millions please. 🙏🙏🙏 First time I saw this comment I assumed it was you and lost a lot of money. 🤦🏻😢
— Bravid Scwarlinghouse (@AlexSeb2323) April 7, 2022
“The biggest factor in our opinion is the fact that many victims are new to blockchain and often tech illiterate — not always, though,” said Fran S van Weert, Founder of blockchain tracker and crypto watchdog Whale Alert. “They haven’t been exposed to these scams yet but have an idea of what blockchain is and who the person is that is being impersonated.”
In some recent tweets, scammers were seen giving away crypto assets to users after visiting their given links. All this is, though, nothing but a ploy to attract people to fall into the trap.
“Elon Musk giving away Bitcoins is not an implausible idea,” he said.
According to the data tracked by Whale Alert, the total value of transactions through crypto giveaway scams running online around the world grew almost 4,000 percent to $93,128,396 (roughly Rs. 707 crore) in 2021 from $2,320,064 (roughly Rs. 17.61 crore) in 2019.
In 2022 until to date, scammers were able to generate $22,601,764 (roughly Rs. 172 crore), Whale Alert’s data revealed.
S van Weert said that most of the tracked giveaway scams pretended to have Musk’s involvement, though Ether Co-Founder Vitalik Buterin was also impersonated in some cases. He also added that he noticed that some of the same scammers who use Musk’s identity to scam also recently tried to fool people with fake Ukraine Charity websites.
Onus is on Twitter
Experts believe that although Twitter has taken certain steps to restrict scams on its platform, it has not done an adequate job in limiting scammers to use the impersonate trick.
“It’s surprising that Twitter hasn’t addressed this issue more head on,” said Giansiracusa.
He also presumed that Twitter deals with the accounts impersonating accounts of celebrities including Musk for running scams on an “ad-hoc basis”.
“For instance, it shuts down the hacked accounts when the original owner complains or when they are called out for doing the deceptive name and photo change, but that’s a case-by-case solution to what is clearly a systemic problem,” he said.
Digital media expert, Marc Owen Jones, who works as an Assistant Professor of Middle East Studies at Hamad bin Khalifa University, Qatar, pointed out that Musk is not the only public figure that has been considered for impersonating on Twitter. He said that people were hacking verified accounts and changing them to well-known members of Gulf ruling families as well.
“The only reason companies like Twitter aren’t responsive to this is that they don’t have the manpower, which is a fundamental issue of their scalability,” said Jones. “Product creators bear some responsibility for the abuse of the functionalities of their platform – especially when those functionalities are selective.”
Although exact ways on how Twitter could resolve the problem are not publicly available, Giansiracusa suggested that the platform could resolve them by creating a system to check if any profile photos match with those of prominent accounts.
“That would be so easy to implement, it’s pretty shocking that it’s not done already,” he noted.
The professor also said that Twitter could restrict such tricks by making it harder for verified accounts to change their name.
“Non-verified accounts could still freely change names as they wish, but once an account gets that blue check it should be a lot harder to change the name because without that added friction it’s just too easy for people to use one blue check to mimic much more prominent verified accounts,” he said.
Scammers impersonating Elon Musk to swindle the public with crypto giveaways are not only using Twitter as these tricks are becoming quite common on Telegram and YouTube as well, according to S van Weert. However, the way people can easily be trapped on Twitter is quite concerning.
The ‘Verified’ status on accounts running scam campaigns works as a trust marker and can make individuals let their guard down, Jones said.