Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    No, Mr. McAfee is Not Giving Away Money

    McCrappy

    Cryptocurrency giveaway scams are making a comeback, with fraudsters posing as John McAfee, Elon Musk, and the Tesla company, BleepingComputer reports.

    The scams are being shared on Twitter using phony accounts, and the URL in the tweets leads to a website that very convincingly spoofs Medium, a popular online publishing platform.

    The site appears to be a Medium article announcing an official giveaway of Bitcoin and Ethereum, and it provides a link for users to visit another site where they can receive their free money.

    This site has a ticker showing how much cryptocurrency is left, accompanied by a list of transactions that other people are supposedly making in real time. This is meant to motivate the victim into acting quickly before the money runs out. The site contains instructions for users transfer between 0.05 and 5 Bitcoins or between 0.5 and 50 Ethereum to an address in order to verify their wallets. The scammers claim that the victims will receive back ten times the amount that they transferred for verification.

    The scams appear to be working, at least a little bit, because the Bitcoin address used in the Tesla scam has received $4,473 in Bitcoin, while the McAfee scam has generated $310 worth of Ethereum. BleepingComputer notes that it’s possible that the scammers placed this money in the wallets themselves to make the scam more convincing, but this doesn’t appear to be the case.

    Cryptocurrency scams are nothing new, but this one is interesting because it tricks victims into first visiting what appears to be a trustworthy publishing site in order to convince them to trust the links that the attackers are pushing. The fake Medium site has the website elements used by the legitimate site, as well as a comment section with fake people thanking Musk and McAfee for their generosity. And, of course, the maverick reputations Messrs. McAfee and Musk glory in also contribute to the faint air of plausibility.

    Of course, an observant user would notice that the spoofed Medium site’s URL isn’t legitimate, and that the cryptocurrency giveaway page is hosted on the same domain. Ideally, though, they would recognize it as a scam as soon as they saw the initial tweet. New-school security awareness training can give your employees the knowledge necessary to identify social engineering instinctually.

    BleepingComputer has the story: https://www.bleepingcomputer.com/news/security/beware-of-fake-john-mcafee-and-tesla-cryptocurrency-giveaways/

    Find out how affordable new-school security awareness training is for your organization. Get a quote now.

     
    Get A Quote
    Request A Demo
     

     

    Return To KnowBe4 Security Blog

    Topics: Social Engineering

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews