Hacked Twitter accounts have led to Elon Musk’s name and profile being used to spread a bogus advert around social media.
Scammers infiltrated accounts including those of Pantheon Books, film institution Pathe Uk, and retailer Matalan, in a series of fake tweet promotions used by Twitter to give tweets a wider distribution.
Many of the user identities targeted were verified, featuring the blue tick next to the profile name, though the name and image were changed to that of Elon Musk.
In this case, while the blue tick apparently guaranteed the authenticity of the tweets, many of the messages contained spelling mistakes and other language errors which are tell-tale signs of scamming behaviour.
The tweets then promoted Bitcoin, encouraging fellow Twitter users to spend a small amount of the crypto-currency in order to access a great deal more.
The links provided in the scam take users to a page where they can send anything from between 0.1 and 1 Bitcoin which equates to between £491 and £4,491. The supposed reward was between 1 and ten Bitcoin, although no money is actually received if users are duped into following through with the transaction.
Further bogus tweets testifying to the credibility of the scam may have helped create an added sense to users that the messages were real.
Fake tweets, real damage
Now deleted, most of the accounts have been recovered, though some were “left blank”, a report on the BBC news website says, while the account holders recovered and re-entered personal details.
A spokesperson for the social media platform told the BBC that Twitter does not comment on individual accounts for “privacy and security reasons.”
The scam was first identified in March of this year, almost two months before the introduction of the EU’s General Data Protection Regulation which imposes tough new sanctions on companies found guilty of data breaches.
In the wake of that initial hack, even Elon Musk himself was locked out of his own Twitter account after he tweeted “Wanna buy some Bitcoin?” in a lampooning of the hoax. Now that the scam has become more sophisticated, Twitter is taking measures to “substantially” improve how it tackles crypto-currency scams on the platform.
“In recent weeks, user impressions have fallen by a multiple of ten as we continue to invest in more proactive tools to detect spammy and malicious activity,” a Twitter spokesperson told the BBC.
European Data Protection Summit will take place on June 3rd in Central London and will play host to 800 DPO’s, Security Professionals and senior business decision makers looking for; information, updates, clarity, advice and solutions. For more information, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.