Online scammers have made over $5,000 worth of Ethereum in one night alone, showing how gullible some cryptocurrency users can be.
Miscreants achieved this by creating fake Twitter profiles for real-world celebrities and spamming the social network with messages tricking users to participate in "giveaways."
Crooks deceived users into sending a small amount of Ethereum, promising they would receive the sum ten times over as part of the giveaway.
All the messages followed the same pattern, even if the sums and Ethereum wallet addresses varied between the fake Twitter accounts.
Bleeping Computer has looked into the massive scam operation that took place last night and discovered tweets and fake accounts going back at least two weeks.
Here are some of fake accounts we identified participating in this scheme:
We identified several of the Ethereum wallets advertised in tweets from these accounts [1, 2, 3, 4, 5, 6, 7, 8]. According to our calculations, crooks tricked users into sending over more than 7.69 Ethereum, worth around $6,400 at the time of writing. The sum could be actually higher if we take into account that we missed many Ethereum wallets that were advertised via now-suspended Twitter accounts.
While the campaign raged for almost two weeks, it mostly failed to garner any funds. Everything changed last night when crooks made 6.2 ETH of the 7.69 ETH total we tracked down.
By far, most of the funds were received in an Ethereum wallet advertised in tweets by fake profiles made in the names of John McAfee, Vitalik Buterin, and Elon Musk.
Taking into account the user interest in the Falcon Heavy rocket launch and the fact that Musk just sent an electric Tesla roadster into outer space, we can safely assume tweets from the faux Musk Twitter profile got the most attention and most likely helped crooks earn most of their funds.
Over $5,000 for a day's work is a nice profit, taking into account that all crooks had to do was create fake profiles and tweet the same message a few times.
Users shouldn't be surprised this trick worked. It's been working for at least three decades. Email spammers are known to exploit current-day events to trick users into visiting malware-laden websites every time a big political event happens, when natural disasters occur, or when a big celebrity passes.
This is also not the first incident where cryptocurrency users are tricked into sending money to the wrong wallets. An email coming from a clearly non-official source tricked Bee Token ICO participants into sending a whopping $1 million worth of Ethereum to a scammer's wallet. The sum represented 20% of the total funds raised by the actual Bee Token ICO.
h/t: Debasish Dey