Cybersecurity analyst Serpent in a 19-part thread outlined the sophisticated strategies scammers use for the most dastardly crypto scams and s well as non-fungible tokens’ (NFT) currently active on Twitter.
The analyst is the creator of Sentinel, artificial intelligence and community-powered crypto scams mitigation solution, and has 253,400 followers on Twitter.
Serpent described how scammers prey on naive cryptocurrency consumers by employing imitation websites, URLs, accounts, hacked verified accounts, false projects, fake airdrops, and a ton of malware in a 19-part thread published on August 21.
In light of the current uptick in protocol attacks and crypto phishing schemes, one of the more concerning tactics has emerged. According to Serpent, criminals employ the “Crypto Recovery Scam” to deceive those who recently lost money as a result of a widespread hack, saying:
“Simply put, they attempt to target people who have already been scammed, and claim they can recover the funds.”
These con artists, according to Serpent, pose as blockchain developers and look for individuals who have recently been the target of a significant hack or exploit. They then persuade them to pay a fee to create a smart contract that can help them retrieve their stolen cash. They “take the fee and run” instead.
This was demonstrated when the community was warned by Heidi Chakos, the host of the YouTube channel Crypto Tips, to be wary of con artists proposing a fix for the vulnerability, following the multimillion-dollar exploit affecting Solana wallets earlier this month.
Fake Revoke.Cash Scam
Another strategy also leverages recent exploits. The analyst claims that the “Fake Revoke.Cash Scam” uses a “state of urgency” to get consumers to click a malicious link by informing them that their cryptocurrency assets may be in jeopardy.
Unicode Letters
Another tactic involves hacking a verified Twitter account, renaming it, and then using it to pretend to be someone in authority to promote bogus mints or airdrops. A third tactic involves using “Unicode Letters” to make a phishing URL nearly identically resemble a legitimate one.
The remaining frauds go after people who want to participate in a “get wealthy quick” scheme. This includes the “Uniswap Front Running Scam,” which is frequently represented by spam bot messages instructing users to view a video on how to “earn $1400/DAY front-running Uniswap” but really conspires to get them to send money to a scammer’s wallet.
Honeypot Account Scam
Another tactic is called a “Honeypot Account,” where customers are apparently given access to a wallet that is loaded in exchange for a “private key.” Still, when they try to send cryptocurrency to pay for the transfer of coins, the funds are instead delivered directly to the scammers’ wallets via a bot.
Other strategies include soliciting high-value NFT collectors to “beta test” a new Play-to-earn (P2E) project or game or hiring NFT artists to create fake work. However, in both cases, the ruse is merely an excuse to send the collectors malicious files that can scrape browser cookies, passwords, and extension data.
According to a Chainalysis analysis released last week, the sector’s naïve crypto consumers have left the market, and dropping asset prices have caused a 65% decline in 2022’s revenue from cryptocurrency scams. Year-to-date gain from cryptocurrency scams is already $1.6 billion, down from roughly $4.6 billion in the previous year.
