Powered by

Cryptocurrency thieves are using verified profiles to scam and Twitter is not helping

Twitter keeps saying they are fixing the issue, but the scams are not stopping.

Twitter scam alert

Here is why you should never readily trust anyone on Twitter – even those with blue badges. A shifty user has leveraged his verified profile to impersonate high-profile cryptocurrency influencers and scam people.

The malicious individual was busted using the verified @Protafield handle to trick naive users into sending over Ethereum – a new tactic which has been running rampant in the blockchain space as of recently.

The twitter user @Protafield has been pretending to be Bitfinex and asking people to send over ETH. Indeed, one of the tweets from the profile reads “Send from 0.5 to 5 ETH to the address below and get from 5 to 50 ETH back!”

As per Etherscan, the associated address has received more than 31 ETH at the time of writing.

Before Bitfinex, the user was reportedly pretending to be Justin Sun, founder of Tron Foundation.

This is not the first time these fraudulent attempts are being made in the cryptocurrency space.

In fact, TRON Foundation itself had suffered another phishing attack in a similar fashion earlier in February. Hackers were able to hijack a verified Twitter account and change its handle to @TronfoundationI to clone the real @Tronfoundation.

Buzzfeed's report on Tron Foundation Scam in February 2018
Buzzfeed’s report on Tron Foundation Scam in February 2018

Among others, Binance was also one of the victims of this verified-account phishing attacks.

Twitter says that changing one’s username should result in losing the verified-profile privilege. If this feature worked as described though, these scams shouldn’t have been possible.

Concerned users brought the phishing scam to the attention of Twitter CEO Jack Dorsey back in late-February.The Twitter chief confirmed the bug and assured the company is working on a solution.

Despite these promises though, it is quite clear that the micro-blogging service has yet to deploy a fix for this bug. And given the wild volume of scams in the cryptocurrency space, Twitter better act quick.

We’ve contacted Twitter for further comment and will update this piece if we hear back.