Scammers are tricking gullible Twitter users into sending their hard-earned ether (Ethereum’s in-house cryptocurrency) to random addresses with the empty promise of a hefty giveaway. It’s the latest chapter in the neverending saga of scammers exploiting the cryptocurrency gold rush, and the so-called Bitcoin or Ethereum FOMO, or fear of missing out on an investment.
In this case, the scammers are out in the open impersonating well-known figures in the cryptocurrency community or the tech world, such as Ethereum founder Vitalik Buterin, Elon Musk, and John McAfee. The scammers often reply to tweets from the real accounts they are impersonating, in an apparent attempt to catch distracted users who might not notice that the Twitter handle is different, or that the account lacks a verified checkmark.
A fake account looking for a handout. Screengrab: Twitter
I visited these links and checked the Ethereum addresses they advertise. If someone clicks on the short URLs, they are taken to a page that looks like this:
To further deceive people, those pages includes what looks like a log of Ether payments, both incoming and outgoing. But the logs don’t appear to be real. The scammers also appear to be using other fake Twitter accounts to make it look like they’re giving out ether.
The below screenshot of an Ethereum address used by the scammers—and linked to in the tweets soliciting money—shows outgoing payments, but it is likely forged. If you check the address’s balance on a legitimate blockchain explorer, there are no outgoing payments, only incoming. This particular scammer has gathered more than 40 Ether (roughly $35,000) as of this writing. If you’re keeping track at home, these Twitter accounts posted the link that lead to that address.
A forged transaction log. Screengrab: Author
“Twitter is terrible, part 629: go to this link, but with the space removed. Notice how it is not in fact my tweet,” Buterin tweeted on Friday, showing how easy it is to trick people.
Twitter did not immediately respond to a series of questions asking what the company is doing to stop these scams.
On Friday, scammers were apparently using a new trick to—presumably—circumvent Twitter filters: using a Cyrillic letter that looks like an “r” when posting the word “address,” as malware researcher Mikko Hypponen noted in a tweet on Friday.
Please, do not believe people who are literally promising free money in exchange for your money. They’re probably not going to give it to you. In the last few months, we’ve seen countless examples of these scams. Some scammers impersonate well-known professors on Slack, others even tried—and failed—to scam our own cryptocurrency expert in residence and editor Jordan Pearson. More sophisticated crooks have been targeting people’s online accounts directly, hijacking their SIM cards and stealing their passwords. So be careful with that too and enable two-factor with an app (and not with your cellphone number) if you use exchanges like Coinbase or Gemini.
Get six of our favorite Motherboard stories every day by signing up for our newsletter .
CORRECTION: An earlier version of this article referred to Ethereum addresses as wallets. This is incorrect because wallets manage addresses, and they are not the same thing. Motherboard regrets the error.