CNET también está disponible en español.

Ir a español

Don't show this again

Security

Twitter bitcoin scams: Google's G Suite and Target accounts get hacked

Cryptocurrency scammers are promoting tweets through ads after they hijack verified accounts.

twitter-hq-headquarters-02098-2

Twitter says it's been improving how it tackles these cryptocurrency scams. 

James Martin/CNET

Bitcoin scammers are at it again on Twitter.

On Tuesday, hackers briefly took over the Twitter accounts of retailer Target and Google's G Suite to promote a fake cryptocurrency giveaway, raising questions about whether the social media company has the problem under control. 

In the past, bitcoin scammers have tried to impersonate Tesla CEO Elon Musk after hijacking a verified account.

On Monday, hijacked Twitter accounts for Farah menswear, a UK clothing brand, and the Australia office of IT consulting firm Capgemini also tweeted they were giving away cryptocurrency. At first glance, the tweets looked as though they were coming from Musk but the names of the account handles signaled they were scams. 

Other businesses, including a book publisher and record label, have been victims of this scam. The attackers hijack a verified account, often with thousands of followers, and change the name and profile picture to impersonate Musk. They then ask users to send some of their own cryptocurrency to participate in the fake giveaway. 

"We are aware that a number of Twitter accounts at various organizations have been impacted by this scam and the Capgemini Australia account was among them. It's in the process of being restored and no Capgemini client operations have been adversely impacted," said Violet Yeo, a spokeswoman for Capgemini, in a statement on Monday.

It also appears the scammers are purchasing ads through the social network to "promote" their tweets to more users. 

Some Twitter users have been duped by this scam. One recently hacked account, @PantheonBooks, reportedly scammed users out of $180,000 worth of bitcoin. 

A Twitter spokesperson said in a statement that impersonating another user is against the social network's rules and the company has been improving how it tackles these cryptocurrency scams.

In recent weeks, the number of times tweets from these fake accounts show up in a user's timeline has fallen "by a multiple of 10," according to Twitter.  

"Scammers are constantly changing their methods and it's our job to stay on top of their movements, observe their actions and work to stay one step ahead. In most cases, our enforcement teams are detecting this activity and taking these down before they're reported," a company spokesperson said in a statement. 

Twitter users can also add an extra layer of security to their account by enabling two-factor authentication, the company said. 

Farah didn't immediately respond to a request for comment. 

First published Nov. 12, 1:17 p.m. PT.

Update, Nov. 12, 5:21 p.m. PT: Adds Capgemini's statement. Update, Nov. 13, 8:37 a.m. PT: Adds information about Target's hijacked account. Update, Nov. 13, 2:21 p.m. PT: Adds information about Google G Suite's hacked account.

The Honeymoon Is Over: Everything you need to know about why tech is under Washington's microscope.

Infowars and Silicon Valley: Everything you need to know about the tech industry's free speech debate.