It has been a trend for scambots to “tailgate” on well-known cryptocurrency personalities’ tweets, using their profile photos and a Twitter handle that resembles the real person’s as closely as possible. These bots would follow legitimate industry names’ tweets and immediately post malicious links on the comments section of the thread in an attempt to mislead followers into thinking they were posted by the original Twitter account.
They usually tempt users with flamboyant giveaways, like this:
While most users are adept at spotting legitimate accounts from fake ones (the check mark is a very prominent distinguishing feature, for one), those who have untrained eyes fall for the sham. This could lead to a loss of funds, if the phishing attempt succeeds in duping the user into clicking the link and punching in his user name and password to a decoy website. The scammers then gain access to the user’s credentials which can be used to steal funds from online accounts.
It has become rampant that in fact, Buterin changed his Twitter name to Vitalik “Not giving away ETH” Buterin for this very reason.
Even nChain’s Craig Wright has Twitter clones.
The scambot armies haven’t spared Musk either. It has been going on for a while and that’s what prompted the “mad skillz” tweet.
“I want to know who is running the Etherium scambots! Mad skillz…,” Musk tweeted.
I want to know who is running the Etherium scambots! Mad skillz …
— Elon Musk (@elonmusk) July 8, 2018
Ethereum founder Vitalik Buterin picked up on the tweet, pointing out how unfortunate this is tagging Twitter founder and CEO Jack Dorsey and appealing to the Ethereum community to come up with a solution.
I do wish @elonmusk's first tweet about ethereum was about the tech rather than the twitter scambots……..@jack help us please? Or someone from the ETH community make a layer 2 scam filtering solution, please? https://t.co/biVRshZmne
— Vitalik "Not giving away ETH" Buterin (@VitalikButerin) July 9, 2018
Twitter users responded with solutions like EtherScamDB—a database where users can report known scams so they can be monitored and listed on the “active scams” list, as well as a project called Metacert Protocol.
“We have a secret app monitoring accounts for some high profile crypto people, auto blocking scammers on their behalf while also alerting followers inside replies, when there’s a fake account. We can help Vitalik,” Metacert replied. “We also now monitor the twitter firehose for scam signals but can’t say more than that in public.”