Cybersecurity analyst Serpent has revealed his picks for the most despicable crypto and non-fungible token (NFT) scams currently active on Twitter.
The analyst, who has 253,400 Twitter followers, is the founder of artificial intelligence and community-based crypto threat mitigation system, Sentinel.
In a 19-part thread posted on August 21, Serpent explained how scammers target inexperienced crypto users through the use of hacked websites, URLs, accounts, verified accounts, fake projects, fake airdrops and lots of malware.
One of the most worrying strategies comes amid a recent spate of crypto phishing scams and protocol hacks. Serpent explains that the crypto recovery scam is used by bad actors to deceive those who have recently lost funds due to widespread hacking, stating:
“Put simply, they try to target people who have already been scammed and claim they can get the funds back.”
According to Serpent, these scammers pretend to be blockchain developers and are looking for users who have fallen victim to a recent hack or large-scale exploit, asking them for a fee to deploy a smart contract that can recover their stolen funds. . Instead, they “take the charge and run away”.
This was seen in action after the multi-million dollar exploit affecting Solana wallets earlier this month, with Crypto Tips YouTube channel host Heidi Chakos warning the community to beware of scammers offering a solution to the piracy.
Another strategy also takes advantage of recent exploits. According to the analyst, the Fake Revoke.Cash Scam tricks users into visiting a phishing website by warning them that their crypto assets may be at risk, using a “state of emergency” to trick users into clicking on the malicious link.
Another strategy uses Unicode letters to make a phishing URL look almost exactly like a real one, but replacing one of the letters with a Unicode lookalike. Meanwhile, another strategy sees scammers hack into a verified Twitter account, which is then renamed and used to impersonate someone of influence for fake shill mints or airdrops.
The remaining scams target users who want to participate in a get-rich-quick scheme. This includes the Uniswap Front Running scam, often seen as bot spam messages telling users to watch a video on how to “earn $1400/DAY with Uniswap”, which instead tricks them into sending their funds to the wallet. ‘a crook.
Another strategy is known as a Honeypot account, where users are expected to divulge a private key to access a loaded wallet. But, when they attempt to send cryptos in order to fund the coin transfer, they are immediately bounced to the crooks’ wallets via a bot.
Other tactics include asking high-value NFT collectors to “beta test” a new game or play-to-earn (P2E) project or commissioning fake works from NFT artists. But, in both cases, the trick is just an excuse to send them malicious files that can delete cookies, passwords and browser extension data.
Related: Aurora Labs exec details ‘fascinating and devious’ crypto scam he nearly fell for
Last week, a report by Chainalysis noted that crypto scam revenues have so far fallen 65% in 2022 due to falling asset prices and inexperienced crypto users exiting the market. Total year-to-date crypto scam revenue currently stands at $1.6 billion, up from around $4.6 billion the previous year.