The Tesla founder’s recent tweet about cryptocurrency got him temporarily locked out of his Twitter account, demonstrating the seriousness of the scam.
Elon Musk’s Twitter account was temporarily locked last Monday night, after he posted a picture of an Anime character in a bitcoin-branded dress, together with the words: "Wanna buy some bitcoin?"
The winking emojis imply a note of sarcasm, but that wasn’t good enough for Twitter.
For nearly a year, high-profile figures, including Musk, have been the target of cryptocurrency scammers on Twitter, who impersonate their target’s profile pictures and account names in order to trick their followers into sending bitcoin, ethereum and other cryptocurrency. As shown below, the scams play on the desires of followers to become rich.
What makes these scams so dangerous is they are completely automated. In August, cyber security firm Duo Security revealed a network of 15,000 bot accounts that had been set up to execute this kind of cryptocurrency scam.
The challenge here is that moderating content on social media is difficult and the purpose of scams are often unclear, leaving the victim convinced of the supposed benefactor’s good intent.
Organizations need to arm themselves with more than just protective security solutions; note the cryptocurrency scam has no malicious software, no URL to scan, etc. It’s the users response that is the threatening action.
What’s needed is to improve the judgement of your users. Providing them with Security Awareness Training to better understand how social engineering scams like the one on Twitter work, and ow to avoid being a victim helps to lower the organization’s risk of malware infection, external attack, and data breaches.