[Discussion] - Twitter is a hotbed for crypto scam bots


Userlevel 7
Badge +48


  
In case you haven't seen it @ published a blog post on crypto scam bots crawling all over Twitter as of late and casuing utter chaos, similar to the classic, 'Nigerian letter' scam. 
 
If you haven't seen it, be sure to give it a read here. It's an in-depth look at how these cyrpto scam bots are working and what can be done to combat them. 
 
Have you heard about this yet? Do you know someone who has fallen for this? Have a question for @
 
Let's get it kicked off below and get into it! 
 
 

38 replies

Userlevel 7
Badge +25
This is an old idea, but still an interestingp[ one. Problem is, who charges? If Google mail (for example) started charging for sending mail, there would just be someone else who would not. 
 
Does the receiving end charge? That does not work because paying for every email you receive puts the cost on the wrong end. 

Many ISPs tried to solve this problem by limiting the number of emails that can be sent in a day to something around 1000. Even Google has a limit. Tries to solve the problem with no costs.
 
The Internet itself charges? Who is that really, and how do they make someone pay? You are not really a customer of the internet. 
 
And, I can always just set up my own email server for (nearly)  free, and send all the messages I want for free. It is easy, I have my own mail server already. 
 
I think what we really need is verified (like registered) email. A sending system must register and verify themselves as SPAM free. Accounts may need to register as well to make this work, but maybe not. What they get is a verification from a reliable third party trusted registration service, and a certificate (or something similar) is attached to the message when set. Could be a simple as a header and certtified, date stamped key. Then receiving systems can choose to only receive email from a trusted certified source, and treat the rest as SPAM. 
Userlevel 4
Badge +1
If in doubt  - don't. Better still, stay off Twitter.
Userlevel 7
Badge +8
Thankfully I don't, nor do clients I deal with get involved with Crypto Currency.
 
Userlevel 1
Badge +2
I have the perfect defence. I don't have a twitter account.
The main thing with any scam is education. The more people know about it the less people will be caught.
 
Userlevel 7
Badge +63
To tell you the truth i haven't seen anything from my Twitter account? Let's hope it stays that way! 😃
Some measures taken by Twitter 
Userlevel 7
Badge +48
You bet @
 
If you or anyone else has something to ask @ or if there's something else you'd like us to touch on, please let me know. We love creating content for you guys! 
 
 
 
Thank you Tyler and Drew for sharing this 
Userlevel 3
Badge +1
Its a daily fight with my users - from OFFICE 365 phishing, to redirected URLS, to Twitter.  Facebook used to be the main culprit so we blocked it. 
Userlevel 4
Badge +3
As others have mentioned.  Anything unregulated and free to use is going to attract the masses, some of which are criminals.
Mass marketing of anything, howerver bad, always gets a few takers. Lets hope the recent publicity about facebook and cambridge analytica will make people more suspicious.
Userlevel 5
Badge +19
too good to be true - as it says in the tin.
 
Also: Twitter; why is it so easy to impersonate?
Userlevel 2
Badge +1
This is unsurprising seeing as though any digital social/media platform are generally always full of scams.
Userlevel 5
Badge +4
I am continually amazed by people who think that easy money is going to be.gifted them by total strangers.
 
People just have to learn to be as careful and skeptical online as they are in real life. If someone walked up to you on the street and offered a quick easy way to make thousands of dollars, you'd run away. Do the same thing when you see a similar tweet/post/email, and you'll be ahead of 95% of the population.
I was literally just talking to my brother about this the other day. These things are everywhere on Twitter, its ridiculous. I know a couple non-techie friends of mine that almost fell for these scams. Luckily they both asked me about it before doing anything, just to verify. Would have been really bad.
Userlevel 7
Badge +35
@ wrote:
We can't bury our heads in the sand, so we need to know that Webroot has our back. Does Webroot recognize the activity of cryptobots as they read and write tens of thousands of files in rapid succession?
Hello @,
 
The Crypto Scam Bots as mentioned in the blog post are simply scams on Twitter, so there is no file activity to detect. If the tweets were to contain malicious links, we would block the the links.
 
You may be referring to malicious cryptocurrency miners or encrypting ransomware, which we do protect against but are unrelated to the Crypto Scam Bots mentioned in this thread. 
 
-Dan
Userlevel 4
Badge +5
As with almost all social media and blog posts (except in technical forums, such as this), it is best to just leave the comment sections alone.
Userlevel 3
Badge +3
Was wondering when they would start there
Userlevel 5
anything out there on internet ( facebook,twitter,mails,....) if you think you will gain something from it then it is a scam, when u think it is too good to be true then it is scam.
How to teach people to stop looking for that, stop them from opening attachments from unknown contacts
This will never stop
Userlevel 3
Badge
"Twitter CEO Jack Dorsey recently announced a new verification process is coming that will make it easier for all users to obtain verification"
 
Facebook isn't the only Social Network choosing growth ahead of everything else (including security)
Userlevel 7
Badge +62
Thank you Drew!
 
I get twittered out! 😃
Thanks for sharing .
Not just twitter, they happen in other social media platforms too 
Userlevel 7
@ wrote:
We can't bury our heads in the sand, so we need to know that Webroot has our back. Does Webroot recognize the activity of cryptobots as they read and write tens of thousands of files in rapid succession?
This, is methinks, one for the Webroot professionals... @, may we have the benefit of your expertise on this interesting point?
 
Many thanks in anticipation.
 
Regards, Baldrick
We can't bury our heads in the sand, so we need to know that Webroot has our back. Does Webroot recognize the activity of cryptobots as they read and write tens of thousands of files in rapid succession?

Reply