A rather large part of my day job is trying to make sense of trends in fraud and abuse, hoping to use those insights to keep a bit of a lid on it for our platform. Even if a majority of scammers are quite low talent, there’s a certain amount that requires being responsible, keeping up with the times and keeping watch over emerging trends. The mainstreaming of cryptocurrency and the constant news presence of Elon Musk made a recent webpage that landed on my proverbial desk pretty fun to dig into. It turned out to align with a larger trend of crypto scamming that recently got some attention thanks to Akamai’s research team, with the CyberWire relaying much of it.
If you got excited there, I’m sorry to say that you aren’t going to get your Bitcoin doubled. For the uninitiated, I’m jealous although I also want to catch you up to speed on everything. Cryptocurrency is, in short, a digital form of tender that has a value only sustained by what individuals are notionally willing to pay for it at a given moment. There are a number of good reads that can help break down a bit more about the mechanism with which it works although the best way that I’ve heard it put is that it’s kind of “nerd stocks”, combining the most convoluted bits of the tech sector and the finance sector.
With the growth of cryptocurrency and the mainstream attention to popular cryptocurrencies like Bitcoin, Ethereum, etc., there’s been a rise in scams targeting the holders of those currencies. Unlike American dollars, with payment processors providing recourse of some sort, cryptocurrency is kind of the Wild West. Once you send it, the backing technology provides no avenue for reversing a transaction. To be frank, if you make a typo and send someone some Bitcoin, you’d have to rely on their generosity to send it back, which is an unlikely proposition.
With this backdrop in mind, there’s already the profit incentive and the method with which a scammer can take off with money. While there’s a whole slew of these different scams, there’s a mainstay I’ve seen several iterations of and to be frank, am always surprised that it works at all.
The crux of the scam is that you send them some money and they send it back doubled. On its face, it’s absurd. That’s why this scam requires a bit of work to sell it. The ruse is usually sold as a wealthy and altruistic company or individual trying to double your money, built out via social media. This can take the form of links to the scam sites tweeted from accounts impersonating Elon Musk or other quasi-reputable sources. Alternatively, it can be sent via Telegram or WhatsApp as a screenshot of a “Tweet” that never was. This is all just bait on the hook.
Once you land on the page, the presentation is fairly sleek. A number of scam kits I’ve seen are absurd, using broken English, pixelated images, setups that don’t look good on any device. These pages are fairly different, using a sleek design that feels right at home with the purported celebrity or corporate connection. There’s a “Support” chat logo in the bottom-right and a scrolling ticker feigning activity all to sell the gimmick. Of course, that scrolling data is falsified but it adds a layer that you wouldn’t expect.
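One way a hosting provider could triage pages for the traits described above, as an added example that is not code from this post or from Akamai’s write-up. The patterns, weights and thresholds are assumptions, and the sample pages are constructed.

```python
import re

# Indicator patterns and weights are illustrative assumptions based on the
# traits described in the post, not signatures taken from a real scam kit.
INDICATORS = {
    "doubling_promise": (re.compile(r"\b(?:doubl(?:e|ed|ing)|2x)\b", re.I), 3),
    "wallet_address": (re.compile(
        r"\b(?:0x[0-9a-fA-F]{40}|bc1[0-9a-z]{25,59}|[13][1-9A-HJ-NP-Za-km-z]{25,34})\b"), 3),
    "impersonated_name": (re.compile(r"\belon\s+musk\b", re.I), 2),
    "crypto_terms": (re.compile(r"\b(?:bitcoin|btc|ethereum|eth)\b", re.I), 1),
    "support_chat": (re.compile(r"support[\s\S]{0,60}chat|chat[\s\S]{0,60}support", re.I), 1),
    "activity_ticker": (re.compile(r"<marquee|ticker", re.I), 1),
}
# The lure needs both a promise to double funds and an address to send them to.
CORE = {"doubling_promise", "wallet_address"}


def score_page(html):
    """Return (total weight, sorted indicator names) for raw page HTML."""
    hits = sorted(name for name, (rx, _) in INDICATORS.items() if rx.search(html))
    return sum(INDICATORS[name][1] for name in hits), hits


def triage(html, escalate_at=8, review_at=4):
    """Escalate only when both core traits are present plus supporting dressing."""
    score, hits = score_page(html)
    if CORE <= set(hits) and score >= escalate_at:
        return "escalate"
    return "review" if score >= review_at else "ignore"


# Constructed samples: the address is a made-up 40-hex-digit string.
FAKE_ETH = "0x" + "ab12" * 10
SCAM_PAGE = f"""<html><body><h1>Elon Musk Official ETH Giveaway</h1>
<p>Send 0.5 to 10 ETH and get it back doubled!</p>
<code>{FAKE_ETH}</code>
<div class="ticker">0x91...3f received 4.0 ETH</div>
<div id="support-chat">Support</div></body></html>"""
NEWS_PAGE = "<p>Bitcoin doubled in value this year after a tweet from Elon Musk.</p>"
HELP_PAGE = "<p>Contact support via live chat.</p>"

if __name__ == "__main__":
    for label, page in (("scam", SCAM_PAGE), ("news", NEWS_PAGE), ("help", HELP_PAGE)):
        print(label, triage(page), score_page(page))
```

The news sample shows why the wallet address is required for escalation: coverage of the scam shares most of its vocabulary but gives no address to pay.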
I know it sounds cartoonish. “Who would fall for this?” you’re saying. Some folks have bought into the FOMO of cryptocurrency and believe the space to be a “get rich quick” scenario. The scam itself isn’t even new, with prominent examples like Twitter’s 2010 security breach that allowed a teenager to access the accounts of Bill Gates, Joe Biden, Kim Kardashian West, and more, offering to double any Bitcoin sent. The account had received what was notionally $100,000 in Bitcoin at the time. This is roughly a notional value of $360,000 as of writing with $6,500 still in the wallet.
I did get the brief joy of having one of these webpages land on my provider. It’s a small pleasure to see something so outlandish as opposed to the regular garden variety scams, although any money they’ve scammed out of folks, such as the near $10 sent to one of the Ethereum wallets tied up in this, will never be returned. At least it’s fun to watch as things that creep across the internet come your way too, as if you’re part of a little club of internet janitors. As of now, all of these sites look to be parked on a Russian ISP and are likely to stay there for the foreseeable future.
While much of this post is the result of my own investigation into these 2x crypto scams, the inspiration is singularly thanks to Akamai’s team doing a wonderful write-up on this. Thanks to Shiran Guez for the deep dive into the kits, sourcing, etc. If you really want to get into the weeds, it’s a high-quality read. Related media linked below.
Related Links:
Chatbots, Celebrities, and Victim Retargeting: Why Crypto Giveaway Scams Are Still So Successful (Akamai)
Don’t let the Elon Musk crypto giveaway scam swindle you. (CyberWire Daily)