ETH Giveaway Scam plaguing Twitter — Part 1
In this latest installment of our Fraud/Scams series, we bring to light the Ethereum (ETH) Giveaway Scam.
What is the ETH Giveaway Scam?
Predominantly infesting Twitter, the ETH Giveaway Scam is where scammers impersonate famous people or recognized figures of authority and attempt to steal ETH and other cryptocurrencies from their victims. The scammers usually offer some kind of giveaway, in which victims are directed to deposit 0.2–2 ETH to a specified address in order to get back 2–20 ETH. It quite often looks something like this.
The scammers use the same picture and username as the person they are impersonating and reply to a post made by the person in question, making it look like the famous person has responded to their own tweet. The scam message is then artificially boosted with likes and retweets from a farming botnet, pushing the reply to the top of the thread and lending the post legitimacy. Other bot accounts also comment on the post, usually responding with things like “It works! I got my 3 ETH!” Once again, bots are used to like and retweet the comment to make it appear real.
Of course, there is no ETH or other cryptocurrency sent back; the scammers just pocket their money and continue doing the same thing over and over again.
In June 2018, Brandon Arvanaghi completed an analysis of the scams reported to EtherscamDB and found that scams with the word ‘give’ in them had netted the scammers at least $1.48 million (2,482 ETH). Now when you consider that most of these ‘giveaways’ ask for small amounts of ETH to be sent, that’s an immense amount of people falling victim to this scam.
Evolution of the ETH Giveaway Scam
Initially, those targeted were prominent members or businesses of the cryptocurrency community: Vitalik Buterin co-founder of Ethereum; Pavel Durov founder of Telegram; John McAfee Cybersecurity tycoon; Binance; Coinbase; and TRON to name a few. This prompted many Twitter users to change their name in frustration. Vitalik Buterin changed his Twitter username to Vitalik “No I’m not giving away ETH” Buterin, in an attempt to deter the scammers and protect the unwary, although that didn’t seem to phase the scammers who continued posting using the updated name. These days Vitalik goes by Vitalik Non-giver of Ether, showing that he still perceives the fake giveaway as a problem. Other users who still have a changed username include Suppoman (I DONT GIVE AWAY ETH!) and ASHU THE EMPEROR (Don’t Give Away ETH).
Since then, the scammers upped their game and decided that any prominent figure or business in society was fair game, with many notable celebrities being impersonated: President Trump, William Shatner, Elon Musk, Neil DeGrasse Tyson, even Pope Francis.
Elon Musk seems to be a favorite of the scammers as, at the time of writing this, every single one of his tweets is still plagued with scam ETH giveaways. One Sky News journalist even fell for the scam giveaway, making reference to a Tesla giveaway scam as being made by Elon Musk himself.
The ETH Giveaway scammers also managed to exploit a Twitter bug for a while that allowed a verified user to change their name without losing their verified badge. This made the scam account appear official, thus lending them even more legitimacy and confusing the unsuspecting users of Twitter.
Despite numerous claims from Twitter that they are addressing the problem, these scams are still predominant across Twitter. Although the majority of these false accounts don’t show up in a search, the posts themselves are still appearing in Tweets. The persistence of these scams sadly seems to imply that enough victims are being lured in to warrant the continuing barrage of scam giveaway posts.
Remaining undetected
Scammers have found several ways to subvert Twitter’s algorithms and keep posting their scams. One way is to add spaces after their usernames so that their name is not seen as a direct copy of someone else’s.
Another way the scammers fool the Twitter algorithms is with their profile picture. It is essential to the scam to have the same username and picture as the person they are pretending to be, but Twitter’s image detection will flag anyone trying to use the same picture as someone else. To get around this, the scammers adjust the picture just enough to fool the image detection software, but not so far as to be unrecognizable.
In some cases, the fake accounts even fooled Twitter enough to be promoted by Twitter itself in the ‘Who to Follow’ section.
Duo Security Report uncovers massive scam network
From May to July 2018, Jordan Wright and Olabode Anise from Duo Security conducted a study concerning the use of bots on Twitter; their report can be found here. They looked at 88 million Twitter accounts using Machine Learning to identify bots, malicious or otherwise.
During their study, Jordan and Olabode found a sophisticated and massive single network of over 15 thousand bots spreading a cryptocurrency scam. This network is organized in a ‘3 tiered botnet structure consisting of the scam publishing bots, the hub accounts (if any) the bots were following, and the amplification bots that like each created tweet.’ They found that the amplification bots liked tweets from both clusters — scam publishing bots and the hub accounts — thus binding them all together into one massive network.
The duo has released all of their findings and data in the hopes that someone can follow on from their research and finally put an end to these nuisance bots. They are hopeful that the efforts made by Twitter ‘will be effective in combating spam and malicious content,’ but consider the problem far from being solved.
‘By open-sourcing the tools and techniques we developed during this research, we hope to enable researchers to continue building on our work, creating new techniques to identify and flag malicious bots, and helping to keep Twitter and other social networks a place for healthy online discussion and community.’
Stay tuned for Part 2 to learn our tips on how to avoid being scammed.
Natmin Pure Escrow is running a in-depth series concerning Online Frauds and scams to help keep our community informed and safe. To read the rest of the series or to keep up-to-date with our news please head to our Medium page.
To find out more about Natmin Pure Escrow, please visit our website: natmin.io.
