Twitter: How a bad UI decision helped scammers steal millions of cryptoassets

level09
2 min read · Feb 18, 2018


A new viral form of scam has been circulating on Twitter recently among users in the cryptocurrency communities. The idea is very simple yet very powerful, and it has been spreading like a virus: a scammer creates a fake profile impersonating one of the popular cryptocurrency personalities, then replies to any of their tweets promising rewards in bitcoin or another cryptocurrency if a specific amount is sent to the scammer's address.

A scammer impersonating Ethereum co-founder Vitalik Buterin

A scammer can go further and post replies from more fake accounts claiming successful receipt of the reward, just to make it look even more legitimate.

This scam has been incredibly effective: just by looking up those scam addresses on the blockchain, one can see that thousands of dollars have been transferred to those accounts.

Many factors come together for this scam to work, but one of the primary causes is the way the Twitter UI team has made its design decisions: the display name is emphasised while the actual unique identifier of the user (the @handle) is grayed out. This allows any user to impersonate any account, and spotting the fraud requires a high level of attention from users.

A fake account with emphasized name and grayed out identifier
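The weakness described above is that the free-form display name can copy a well-known personality while only the grayed-out handle is actually unique, so the handle is what a check has to trust. The following is an added example, not code from the original post: it flags replies whose display name matches (or nearly matches, allowing a swapped lookalike character or a fake checkmark emoji) a known personality while the handle does not belong to that personality. The allow-list of names and handles and the sample replies are constructed placeholders.

```python
import unicodedata
from difflib import SequenceMatcher

# Constructed allow-list: normalized display name -> genuine handle.
# The handle is an illustrative placeholder for this example.
KNOWN_ACCOUNTS = {
    "vitalik buterin": "vitalikbuterin",
}

def normalize_name(name: str) -> str:
    """Fold a display name to lower-case ASCII letters/digits with single spaces,
    so fake-checkmark emoji, accents and odd spacing do not hide a match."""
    folded = unicodedata.normalize("NFKD", name)
    kept = "".join(c for c in folded if c.isascii() and (c.isalnum() or c.isspace()))
    return " ".join(kept.lower().split())

def matching_personality(display_name: str, known=KNOWN_ACCOUNTS, threshold=0.85):
    """Return the genuine handle whose display name this one imitates, or None.
    A near match (one swapped or dropped character) still counts as imitation."""
    norm = normalize_name(display_name)
    for real_name, handle in known.items():
        if norm == real_name or SequenceMatcher(None, norm, real_name).ratio() >= threshold:
            return handle
    return None

def flag_reply(reply: dict, known=KNOWN_ACCOUNTS):
    """Flag a reply whose display name imitates a known personality while its
    unique handle differs; the handle, not the name, is what must be trusted."""
    genuine = matching_personality(reply["display_name"], known)
    handle = reply["handle"].lstrip("@").lower()
    if genuine is None or handle == genuine:
        return None
    return f"'{reply['display_name']}' (@{handle}) imitates @{genuine}"

# Constructed sample replies under a thread; none of these are real accounts.
SAMPLE_REPLIES = [
    {"display_name": "Vitalik Buterin", "handle": "@VitalikButerin"},      # genuine
    {"display_name": "Vitalik Buterin ✅", "handle": "@vitalik_giveaway1"},  # emoji as fake check
    {"display_name": "Vitalik Βuterin", "handle": "@VitaIikButerin"},       # Greek Beta, capital I for l
    {"display_name": "Alice", "handle": "@alice"},                          # unrelated user
]

def scan(replies=SAMPLE_REPLIES):
    """Return the handles of replies that imitate a known personality."""
    return [r["handle"] for r in replies if flag_reply(r)]

if __name__ == "__main__":
    for r in SAMPLE_REPLIES:
        print(flag_reply(r) or f"ok: {r['handle']}")
```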

While Twitter offers a way to identify important users by verifying their accounts and adding a blue check next to their name, that doesn't seem to work quite well, especially with many users failing to verify their own identity and many others overlooking the blue check altogether.

And while everyone is trying desperately to prevent the scam, either by warning users or by reporting those accounts, I believe the better solution is in the hands of the Twitter design team: a clear identifier for each user would definitely alert users and reduce the spread of such practices.


level09

Technology Specialist, the author of Enferno Framework, Mixed CRM