A phishing campaign is pushing cryptocurrency scams posing as the “Elon Musk Mutual Aid Fund,” according to BleepingComputer. The emails have odd subject lines and content, but contain an HTML attachment titled “Get Free Bitcoin.” If a user opens the attachment, they’ll be redirected to a phishing site.
The site has a picture of Elon Musk, and states, “Hello, dear friend. My name is Elon Musk. It has been exactly a year since I organized the MUTUAL ASSISTANCE FUND in cryptocurrency. Each member of the fund can receive Instant help from other participants in bitcoins 0.001 to 0.055 bitcoin. To participate, For you, I left a unique invitation at the link below. Best regards, founder of the fund, Elon Musk.
If the user clicks on the invitation site, they’ll be asked to enter their Bitcoin address, and will then see a series of pages that purport to show their account receiving Bitcoin donations. In order to accept this Bitcoin, however, the user is asked to donate 0.001 Bitcoin themselves, which the scammers will keep.
While most people would recognize this as a scam, some have already fallen for it. BleepingComputer notes that two of the Bitcoin addresses have already received around $3,661, and payments continue to roll in.
“As these scams have the potential to generate a large amount of money for threat actors, they are not going away any time soon and will likely continue to spread to other messaging platforms,” BleepingComputer says. “Therefore, everyone needs to recognize that almost every crypto giveaway site is a scam, especially those that pretend to be from Elon Musk, Tesla, SpaceX, and Gemini. If you receive emails, tweets, or other messages on social media promoting these types of giveaways, it is safer to realize that cryptocurrency you send will not produce anything in return.”
New-school security awareness training can give your employees a healthy sense of suspicion so they can avoid falling for these types of scams. People fall for even the most implausible scams.
BleepingComputer has the story.