Bitcoin Scams Infest Social Media

A new breed of financial scam involving Bitcoin is actively spreading across social networks.

“They succeed by leeching onto the money-driven hype associated with the latest and greatest hallmarks of popular culture,” said researchers at ZeroFOX, which uncovered the campaign. “Earlier this month, the price of a single Bitcoin eclipsed the price of an ounce of gold for the first time ever. This news, coupled with the exploding adoption of its underlying technology—blockchain—beyond the financial world, is attracting a new flock of clientele, investors and entrepreneurs to the fledgling cryptocurrency.”

There are four main categories of scam, ZeroFOX noted in an analysis: Malware gambits, Bitcoin phishing impersonators, Bitcoin-flipping scams and Bitcoin pyramid schemes.

On the malware front, bad actors try to entice users to click through URLs posted to social media using the promise of Bitcoin. The URL leads to a website that attempts to download a malware-laden app. Fake Bitcoin surveys are often used to distribute malware too.

Meanwhile, impersonators post links on social media that lead to phishing websites that allegedly offer a search service, enticing users to enter in their private Bitcoin key to see if it exists in their database. Once entered, the private key will simply be phished, allowing the scammer to spend directly from the curious Bitcoin owner’s wallet.

Flipping scams advertise on Instagram and elsewhere, and offer to instantly exchange Bitcoins for money after paying an initial startup fee or a promise to double your initial investment overnight. Of course once turned into the “exchange bureau,” the Bitcoins are stolen immediately.

In the pyramid scheme, scammers are hawking high-yield investment programs and multi-level marketing. It’s a well-known configuration that goes back decades in the real world: A low initial investment can be multiplied by signing up additional members using referral links. The Bitcoin version often involves fake donations; people involved use social media to spread word of the scheme.

The rise of the Bitcoin scam is a result of a perfect storm of trends, the firm noted. For one, social media is a perfect conduit to the right kind of victim.

“Social media provides access to a key demographic of digitally connected people who are most interested in getting into the Bitcoin game, but who also lack the specialized expertise necessary to tell a legitimate from an illegitimate offer,” the researchers explained.

Also Bitcoin, as a virtual currency, is anonymous—much like cash. But unlike the cold, hard stuff, it’s decentralized and not controlled by any financial institution or government.

“When fraud is committed in Bitcoin’s name, its lack of a central authority is exactly what makes it impossible to recover any losses,” ZeroFOX noted. “Once a victim is duped, the buck stops there: No bank or credit card issuer can bail them out in this regulatory vacuum.”

The other interesting hallmark is that Bitcoin transactions can neither be changed nor removed.

“This is a feature, not a bug,” the researchers explained. “No one can alter records after the fact, creating an incorruptible and permanent ledger dating all the way back to the first-ever transaction. There’s no way to recover losses once Bitcoins are spent, creating an easy way to engage in money-flipping scams, like ‘send me Bitcoins, and I’ll pay you back double!’” 

What’s Hot on Infosecurity Magazine?