If you wanted proof that crypto scams have gone mainstream, look no further than our Twitter accounts, @LilyKatz and @olgakharif. During the first three weeks of May, fraudsters copied our pages, including profile photos, to push Ether swindles onto our 17,000 collective followers. And in spite of multiple requests to Twitter Inc. to have them removed, at least one of our doppelgĂ¤ngersâ€”and a host of other bot-driven fakes targeting individuals and companiesâ€”are still out there offering unbelievable deals. â€śSetting up a bot is easy-peasy,â€ť says Roger Kay, president of Endpoint Technologies Associates. â€śThe sign-up probably takes longer than the programming.â€ť
Twitter is a hotbed of crypto gossip and one of the preferred places for promoters to hawk their products, so it makes sense that scammers are crowding onto the platform. We discovered @LilyKatz5 first, after the impostor tweeted at the real accountâ€™s followers with a promise of up to 100 Ether to anyone who sent in a small quantity of cryptocurrency. Twitter shut down the copycat once Lily uploaded a photo of her passport as proof of her identity, but thatâ€™s a step many privacy-minded users donâ€™t feel comfortable taking.
Then the digital grifters got smarter: Two weeks later, another fraudster using Lilyâ€™s photo and name, with the handle @subidetu4692, first blocked her so she wouldnâ€™t see the tweets, then spammed her followers with too-good-to-be-true Ether offers. Lily didnâ€™t know about the tweets until a fellow reporter alerted her. A quick look at the blockchain suggests that the scammer has made progress; the account linked to @subidetu4692 received Ether in 10 separate transactions over the past couple of weeks, typically in amounts of 0.5 to 1.
Olga discovered her evil twin on May 10, when @o1gakharif tweeted at her to try to reach her followers, touting Ether offers. She twice notified Twitter on its website but didnâ€™t feel comfortable sharing personal documents online to prove her identity. Neither did Lily on her second go-round. Weâ€™ve both since worked with Twitter to become verified without having to share our private documents. Twitter suspended the second counterfeit Lily account on May 22, about a week after it first tweeted scams targeted at her followers. Olgaâ€™s spoof account was still up as of that date.
Elon Musk and Ethereum co-founder Vitalik Buterin are among the more prominent public figures targeted by the bot army. Since cryptocurrencies have grabbed the publicâ€™s attention, Twitter has become a free forum for people to hype their offerings, says the Texas State Securities Boardâ€™s Joe Rotunda, whose enforcement division is cracking down on scammers. â€śPromoters of cryptocurrency offerings typically donâ€™t employ a sales force,â€ť he says. â€śThe business model simply doesnâ€™t contemplate boiler rooms and call centers, where telemarketers frantically dial for dollars.â€ť
As day traders and newbies sift through posts to try to find the next coin that will surge 1,000 percent in a week, screaming headlines can grab them, and the fear of missing out may lead to poor choices. And unlike credit card transactions or most other payments, coin transfers usually canâ€™t be reversed, says Luke McNamara, a principal analyst at FireEye Inc. â€śThis is a space where individuals are responsible for their own security,â€ť he says. â€śThatâ€™s why weâ€™ve seen so many bad actors gravitating into this space.â€ť There isnâ€™t much hard data to quantify the extent of the spoofing, but Lex Sokolin, global director of fintech strategy at Autonomous Research, estimates the rate of phishing likely reaches up to 5 percent of all crypto-related conversations on Twitter.
Twitter says itâ€™s aware of the problem and is working on fixes, according to an email from a spokesman. Over the past few months the company has cracked down on bots by limiting usersâ€™ ability to perform coordinated posts across multiple accounts, which could mean a bot is at work. At the Consensus 2018 conference in May, crypto entrepreneur Elizabeth Stark jokingly warned Twitter Chief Executive Officer Jack Dorsey onstage that she wasnâ€™t giving away any free Ether. He promised her the company is â€śtrying to fight scams.â€ť
Individuals are doing their part, too. Buterin has since inserted a disclaimer into his handle stating heâ€™s not giving away Ether. Many cryptocurrency exchanges, including Coinbase, have also issued warnings. But some observers say Twitter, looking to hold on to its average 336 million monthly active users, may not have enough incentive to dump the fakers. â€śMy impression is that Twitter could do much more,â€ť says Endpoint Technologiesâ€™ Kay. â€śThe problem is that cleaning up the platform is detrimental to its business model.â€ť To address problems of spam and bots, Twitter has made more than 30 changes to its product, policies, and operations in the past 16 months, and its systems are already identifying and reviewing more than 6 million suspicious accounts per week, said an email from the company.
People like Zooko Wilcox want to see more help from Twitter in the war on bots. â€śItâ€™s not something we can solve ourselves,â€ť says the founder of Zcash Co., which supports the network running the Zcash token. He too has been impersonated by scammers, and as he sees it, the process for getting rid of them is too invasive and time-consuming, and itâ€™s too easy for them to create more bogus handles. In the meantime, donâ€™t send anyone Ether on our say-so; itâ€™s definitely a scam.Â
Follow @crypto on Twitter for the latest news.