In what is becoming an emerging trend, Twitter accounts of popular brands are being hacked in an attempt to scam unsuspecting users out of their cryptocurrencies.
Target and Google are two high profile targets that have seen their accounts taken over by hackers who, in turn, have used them to scam followers by advertising fraudulent crypto giveaways.
Target’s Twitter account, which is followed by nearly 2 million users, posted a tweet, confirming the hack which occurred on November 13, 2018. The retailer stated:
“Early this morning, our Twitter account was inappropriately accessed. The access lasted for approx. half an hour & one fake tweet was posted during that time about a bitcoin scam. We have regained control of the account, are in close contact with Twitter & are investigating now.”
Seemingly targeted by the hacking syndicate, Google’s G Suite Twitter account was breached hours after Target fell victim. The hack on Google was marked by the same tactics as the one that plagued Target — a scammy tweet ridden with typos promising free bitcoin to G Suite’s 800,000 followers.
A Google spokesperson confirmed the hack to Business Insider in a statement:
“This morning an unauthorized promoted tweet was shared from the G Suite account. We removed the tweet and are investigating with Twitter now.”
These incidents are a more sophisticated version of the Twitter scams that have become a constant nuisance for the cryptocurrency community. Typically, these scams include bad actors merely imitating popular figures in the crypto industry with near-identical profiles, though it’s rare for the real accounts themselves to be taken over to advertise the scams.
While it’s unclear how scammers are gaining access to the brands’ social media account, it’s obvious new measures are needed to combat the scams.
Criticized in the past for its failure to devise a clear defense against these incidents, Twitter is reportedly working on counter security measures to prevent similar breaches like the one witnessed by Target on its platform in the future.
Earlier this year, anti-fraud software company MetaCert released Cryptonite, a browser extension that safeguards users against fraudulent accounts.