Twitter bitcoin scams: Google's G Suite and Target accounts get hacked
Cryptocurrency scammers are promoting tweets through ads after they hijack verified accounts.
- 2022 Eddie award for consumer analysis
Twitter says it's been improving how it tackles these cryptocurrency scams.
Bitcoin scammers are at it again on Twitter.
On Tuesday, hackers briefly took over the Twitter accounts of retailer Target and Google's G Suite to promote a fake cryptocurrency giveaway, raising questions about whether the social media company has the problem under control.
And now @Target.
— Graham Cluley (@gcluley) November 13, 2018
This isn't just Target's problem. This is @Twitter's problem. They clearly haven't got a handle on these cryptocurrency scams.
As previously discussed here: https://t.co/0l44PVFPI9 pic.twitter.com/81i6GIv3qs
In the past, bitcoin scammers have tried to impersonate Tesla CEO Elon Musk after hijacking a verified account.
On Monday, hijacked Twitter accounts for Farah menswear, a UK clothing brand, and the Australia office of IT consulting firm Capgemini also tweeted they were giving away cryptocurrency. At first glance, the tweets looked as though they were coming from Musk but the names of the account handles signaled they were scams.
Other businesses, including a book publisher and record label, have been victims of this scam. The attackers hijack a verified account, often with thousands of followers, and change the name and profile picture to impersonate Musk. They then ask users to send some of their own cryptocurrency to participate in the fake giveaway.
"We are aware that a number of Twitter accounts at various organizations have been impacted by this scam and the Capgemini Australia account was among them. It's in the process of being restored and no Capgemini client operations have been adversely impacted," said Violet Yeo, a spokeswoman for Capgemini, in a statement on Monday.
It also appears the scammers are purchasing ads through the social network to "promote" their tweets to more users.
It would appear that @Capgemini Australia’s official twitter handle has been hacked and is now being used (via promoted tweets) to represent as an @elonmusk-related BTC giveaway.
— James Lloyd 勞瞻斯 (@jamesplloyd) November 12, 2018
(Go to all this trouble and still misspell “support”? 419 scam self-selection) pic.twitter.com/fBDYCGqCy9
One of those promoted fake Elon Musk bitcoin tweets from a verified account just appeared on my timeline. Hey @jack, are you anywhere close to cracking this scam? pic.twitter.com/lxi8Av8Pg5
— Katie Collins (@katiecollins) November 12, 2018
Some Twitter users have been duped by this scam. One recently hacked account, @PantheonBooks, reportedly scammed users out of $180,000 worth of bitcoin.
A Twitter spokesperson said in a statement that impersonating another user is against the social network's rules and the company has been improving how it tackles these cryptocurrency scams.
In recent weeks, the number of times tweets from these fake accounts show up in a user's timeline has fallen "by a multiple of 10," according to Twitter.
"Scammers are constantly changing their methods and it's our job to stay on top of their movements, observe their actions and work to stay one step ahead. In most cases, our enforcement teams are detecting this activity and taking these down before they're reported," a company spokesperson said in a statement.
Twitter users can also add an extra layer of security to their account by enabling two-factor authentication, the company said.
Farah didn't immediately respond to a request for comment.
First published Nov. 12, 1:17 p.m. PT.
Update, Nov. 12, 5:21 p.m. PT: Adds Capgemini's statement. Update, Nov. 13, 8:37 a.m. PT: Adds information about Target's hijacked account. Update, Nov. 13, 2:21 p.m. PT: Adds information about Google G Suite's hacked account.
The Honeymoon Is Over: Everything you need to know about why tech is under Washington's microscope.
Infowars and Silicon Valley: Everything you need to know about the tech industry's free speech debate.