Thursday , December 19 2024
Home / Crypto news / 80% of Comments on Major Project Tweets Revealed as Phishing Scams: SlowMist

80% of Comments on Major Project Tweets Revealed as Phishing Scams: SlowMist

Summary:
The SlowMist Security team revealed receiving numerous reports of theft. Upon investigation, they found that a significant portion of these thefts were facilitated by deceptive comments under tweets from well-known projects. As such, approximately 80% of comments under tweets from such projects were identified as phishing scam accounts. SlowMist Exposes Phishing Tactics SlowMist also observed multiple Telegram groups engaged in the sale of Twitter accounts, offering some with varying follower counts, post numbers, and registration dates to cater to different buyer preferences. Most of the accounts sold in these groups were related to the crypto industry or belonged to influencers. Additionally, dedicated websites specializing in the sale of Twitter accounts were

Topics:
Chayanika Deka considers the following as important: , ,

This could be interesting, too:

Chayanika Deka writes Ohio Follows Pennsylvania, Texas in Pursuing State-Level Bitcoin Reserves

Chayanika Deka writes Tether (USDT) Inflows Surge as Stablecoin ‘Fuel’ Powers Crypto Bull Rally

Chayanika Deka writes Ethena Labs Launches USDtb, Backed by BlackRock’s BUIDL Fund

Wayne Jones writes Prometheum Files Lawsuit Against Critic Matthew Blumberg Amidst Scam Accusations

The SlowMist Security team revealed receiving numerous reports of theft. Upon investigation, they found that a significant portion of these thefts were facilitated by deceptive comments under tweets from well-known projects.

As such, approximately 80% of comments under tweets from such projects were identified as phishing scam accounts.

SlowMist Exposes Phishing Tactics

SlowMist also observed multiple Telegram groups engaged in the sale of Twitter accounts, offering some with varying follower counts, post numbers, and registration dates to cater to different buyer preferences. Most of the accounts sold in these groups were related to the crypto industry or belonged to influencers.

Additionally, dedicated websites specializing in the sale of Twitter accounts were discovered, featuring such from different years and offering options for purchasing accounts with usernames closely resembling legitimate ones, such as the example of “Optimlzm” imitating “Optimism.” These websites commonly accept cryptocurrency payments.

Upon acquiring existing accounts, phishing groups utilize promotional tools to enhance their credibility by purchasing followers and interactions. These tools, which also accept cryptocurrency payments, provide services like likes, shares, and follower boosts across major international social platforms.

A platform catering to such services claimed to have processed over 1.3 million orders, with 20,000 individuals having utilized their offerings.

Armed with these resources, phishing groups proceed to mimic the information and appearance of legitimate projects, making it challenging for users to differentiate between authentic and fraudulent accounts. The next essential steps in their phishing operation include:

  • Automated bots track prominent projects’ activities.
  • Phishing group bots quickly comment on project tweets to gain prime visibility.
  • Users who mistake the posts for legitimate ones are more vulnerable. They may click on phishing links promising airdrops from fake accounts, leading to inadvertent authorization of malicious transactions and financial losses.

Security First

Countermeasures include the optimization of anti-phishing plugins. This involves plugins and browsers that can promptly warn users upon accessing phishing pages, averting deceitful signature requests and thwarting potential risks.

Wallet signature verification and interaction safety features include wallets equipped with signature detection and transparent display of authorization details that offer a protective shield. Users can verify transaction specifics, minimizing the risk of falling victim to scams.

Lastly, personal security consciousness is crucial. Despite supportive tools, users must scrutinize links, authorizations, and signatures, mitigating the risk of coin loss or deception.

You Might Also Like:

Leave a Reply

Your email address will not be published. Required fields are marked *