Tweet button on keyboard

Twitter may be on fire, but scams are still all systems go

Twitter is currently the place to both be and not be. Verified accounts that aren’t actually verified (or official), and official accounts that aren’t verified! Features that no longer work! Claims that the site is dead…made on the site! People leaving but checking in every so often to see what’s happened now!

It is, quite simply, all very exciting in blue bird app land. However, the site is currently beset by spam and scams with quite a few of them riding along on Elon’s coat tails. There are also many users reporting days, if not weeks, of invite spam in their direct messages. Below are some of the things you should be watching out for on everyone’s favourite social media chaos portal.

“We are hiring” scams

Spam claiming to offer part time work at Amazon is currently the hot thing to complain about if you have your direct messages open. There are several settings for DMs, and from experience people default to “Only people I follow can send me messages”. You can of course set it to “everyone can message me” and experience the giddy thrill of spam such as the below.

These spam DM invites typically drop 40+ people into a group DM chat, at which point the spammer starts asking if anyone would like a job.

The messages read as follows:

Hello, are you looking for a part-time job to supplement your income? Congratulations, you have been invited by the Amazon platform to do a regular part-time job. Amazon platform is promoting, you can work for Amazon platform at home. The required age is 25-70, only need to work 1h 15-200$ per day, the number of places is limited. If you are interested, please contact me by clicking the link below

The link leads to a Telegram invite, inviting you to send a message to whoever is behind the Twitter spam. You should always be wary of job offers out of the blue, especially when performed in a dubious manner such as this. Our advice is to ignore the offer and block the individual responsible on as many platforms as they daisy chain themselves through.

Elon Musk “Prize of the day” scams

This is a spin on a trick which we’ve seen a few times before. How it works:

  • These posts can be replies to an Elon tweet, or standalone tweets. In both cases, they’re faked images in which “Elon” is seen to be saying: “I decided to randomly choose 1,000 new followers, who can participate to the biggest crypto giveaway. Hurry up [URL]”

  • Clicking into the screenshot takes you to a Twitter events page, with a “Prize of the day” offered up by what looks at first glance like an official Tesla account (or at least, one with a Twitter Blue tick). In fact, it’s neither of those. The profile’s avatar is the tick, and the layout of the page just makes it look as though you’re looking at the real thing.

  • Underneath that is a fake BBC breaking news account which claims that Elon is throwing a “crypto party of sorts”. (This is sounding less genuine by the second.)

Prize of the day

The supposedly official event site asks visitors to select a coin to take part in “distribution”, with Ethereum, Bitcoin, and Doge on offer. We’ve seen this style of final destination before. The site claims that whatever amount you put in, they’ll double it.

All you need to know here is: No they won’t. Send currency at your peril.

(Badly) deepfaked crypto scams

Every so often we see poorly done deepfake scam activity on Twitter. It will not surprise you to learn that these are often Elon Musk related, and the accounts involved are frequently compromised.

Thanks to Twitter’s recent change of ownership, and the new broom’s, um, interesting new approach to the site’s verification badge, these scams are starting to sport verification badges.

Verified, official, blue, or otherwise, the important thing is that anything which involves you having to hand over private keys, wallet passwords, or to “invest” to double your funds is never going to end well and that’s very much what cryptocurrency scams are all about.

For the time being, no matter what you do or where you go, there is a crypto scam waiting in the wings. Direct message, public response, hidden in events or even compromised accounts: There is no escape and everyone is thoroughly sick of it.

What fresh villainy awaits?

Twitter is currently what people refer to as a “fast moving situation”, so it’s important to know where potential threats and hazards may be lurking. With so many employees leaving the company, and a general amnesty for previously banned accounts in the works, it’s reasonable to expect the scam situation could get worse before it gets better. If it gets better. At time of writing, cryptocurrency is where it’s at for the scammers but you can also expect to see more issues with “verified” accounts if and when the Twitter Blue program comes back to life.

Stay safe out there!

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.


Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.