Barely a few hours after crypto giveaway scam bots on Twitter targeted the official account of Pope Francis to promote a fake bitcoin giveaway, Elon Musk has again been targeted while taking a playful jab at the now-ubiquitous Twitter scam.
Responding to a thread under a tweet from Techmeme referencing Twitter’s latest purge of scam bots, Musk playfully remarked:
“At this point I want ETH even if it is a scam”
Incredibly, right under Musk’s clearly tongue-in-cheek tweet, a fake “Elon Musk” handle soon appeared touting a purported crypto giveaway from the Tesla founder, in a now-deleted tweet.
As with other similar cases of high profile accounts on Twitter being targeted by the scam giveaway botnet, the network of dummy accounts used retweets and likes to push the fraudulent reply to the very top of the thread so that it appeared immediately after Musk’s tweet, creating the impression that Musk replied to his own tweet in a thread.
This sort of astroturfing makes it easier for potential marks to fall victim to the scam. The image in the scam link shows Musk at a speaking engagement, and it purports to link to an announcement by Musk hosted on medium.com.
When the user clicks, they are taken to a website called “https://musk-surprise.info/” where a Medium article supposedly by Musk outlines the basic format of the popular scam, offering both BTC and ETH giveaways plus a Tesla Model 3 to one lucky winner after “verifying” user wallet addresses by getting them to send a crypto sum first.
At first glance, the name and photo at the top of the page seem to check out, especially as the poster’s URL is www.medium.com/@elonmusk, which is the correct spelling of the Space X founder’s name.
Clicking on the poster’s name, however, takes the user to the page of a completely different user called ‘Rahul’ with the url www.medium.com/@elonmusk.
The Medium article advertising the purported BTC and ETH giveaway by Tesla’s marketing department has a number of suspiciously enthusiastic and positive responses in the comments, which is a key signifier of the same kind of bot astroturfing that the botnet uses on Twitter.
CCN earlier reported that Twitter scammers targeted high profile accounts in February with the aim of compromising them so as to promote fraudulent giveaways.
Since then, cybercriminals behind the botnet appear to have changed tactics, focusing on creating several duplicate accounts for high-value accounts and gaming Twitter algorithms to promote scam content.