Twitter: Fake Elon Musk scam spreads after accounts hacked

Twitter: Fake Elon Musk scam spreads after accounts hacked Twitter: Fake Elon Musk scam spreads after accounts hacked 8b81e4ba0d
Media playback is unsupported on your device
Media captionWho is Elon Musk?

Several popular verified Twitter accounts have been hacked by scammers to promote an ad using Tesla boss Elon Musk’s name and likeness.

British fashion retailer Matalan, film distributor Pathe UK and US publisher Pantheon Books were among those whose accounts were taken over by scam artists.

The scam used promoted tweets – where Twitter is paid by advertisers to make a tweet appear to a wider audience.

The tweets have since been deleted with many accounts recovered, though some were left blank while waiting for their owners to re-enter their name and profile picture.

Image copyrightTwitter
Image caption The Matalan page looked empty after the hackers’ posts were deleted – though retweeted posts from Musk’s SpaceX company remained

Scammers targeted several “verified” accounts (denoted with a blue tick) and changed the name and image to that of Mr Musk.

The tweet then urged users to part with a small amount of Bitcoin – a digital currency – to supposedly receive more.

Several other verified accounts, which were also taken under the scam artists’ control, appear in the tweet’s comments to claim that they have received Bitcoin from Mr Musk.

A Twitter spokesperson told the BBC it “doesn’t comment on individual accounts for privacy and security reasons”.

Image copyrightTwitter
Image caption This is how the scam appeared in Twitter feeds before it was removed – the scam details have been blurred

Verified

By using accounts with Twitter’s own verification mark (a blue tick), it makes the account appear legitimate at first glance and thus may fool the reader into thinking it is official.

But many of the posts still bear the hallmarks of classic scams – including frequent spelling errors (see “Bitcoic” and “suppoot” in the above tweet) and a request for money.

The account handle itself is also incorrect – a legitimate tweet from Elon Musk would read @elonmusk beside the blue tick. In this case, it reads @patheuk – as the account originally belonged to film distributor Pathe UK.

Clicking on any of the links in the scam sends users to a page where they are urged to send anywhere from 0.1-one Bitcoin (£491-£4,491) to the scammers – with the promise that they would receive one-10 Bitcoin as a reward.

Victims do not receive any Bitcoin after sending money to the scam artists.

The scam is made to seem more trustworthy as various other compromised accounts reply to the tweet claiming that it works.

For example, the above tweet would appear to have been praised by verified accounts like boxer Rayton Okwiri, blogger Sarah Scoop, and Swansea City AFC Ladies.

Image copyrightTwitter
Image caption The blue tick of verification makes the accounts seem legitimate, even though they are under the scammers’ control

Promotion

The scam tweet has been posted by several verified accounts on Twitter.

British fashion retailer Matalan, film distributor Pathe UK and US publisher Pantheon Books were among those whose accounts were reset after the hack.

Pathe UK have since issued a statement to confirm that their account was “hacked by an unknown third party”.

Skip Twitter post by @patheuk

The Pathe UK Twitter account was hacked this morning by an unknown third party. A series of unauthorised tweets were sent for which we apologise. The issue has now been resolved and we have taken back control of our account.

— Pathé UK (@patheuk) November 5, 2018

End of Twitter post by @patheuk

An early form of the scam was first spotted in March when accounts appeared simply using Mr Musk’s name and likeness to ask for Bitcoin.

It became so frequent on the social network that the Tesla chief was briefly blocked from his own Twitter account after he parodied the scam by sending a tweet asking: “Wanna buy some Bitcoin?”.

Skip Twitter post by @elonmusk

Wanna buy some Bitcoin? 😉😉 pic.twitter.com/9ZbBJ5fuVq

— Elon Musk (@elonmusk) October 22, 2018

End of Twitter post by @elonmusk

Now the scam has become more nuanced as it uses Twitter’s own verification to make it more convincing.

A Twitter spokesperson told the BBC that the company has “substantially improved how we tackle crypto-currency scams on the platform”.

“In recent weeks, user impressions have fallen by a multiple of 10 as we continue to invest in more proactive tools to detect spammy and malicious activity.”

By Tom Gerken, UGC & Social News

Original Source