Here is why you should never readily trust anyone on Twitter – even those with blue badges. A shifty user has leveraged his verified profile to impersonate high-profile cryptocurrency influencers and scam people.
The malicious individual was busted using the verified @Protafield handle to trick naive users into sending over Ethereum – a new tactic which has been running rampant in the blockchain space as of recently.
The twitter user @Protafield has been pretending to be Bitfinex and asking people to send over ETH. Indeed, one of the tweets from the profile reads “Send from 0.5 to 5 ETH to the address below and get from 5 to 50 ETH back!”
As per Etherscan, the associated address has received more than 31 ETH at the time of writing.
This is insane. @Protafield is a blue checkmark verified user who has changed name and account details to match @Bitfinex
Then they are pretending to do giveaways and stealing ETH from [email protected] wtf is wrong with your website get ur shit together pic.twitter.com/NzPwTa0RTQ
— Whalepool (@whalepool) April 7, 2018
Before Bitfinex, the user was reportedly pretending to be Justin Sun, founder of Tron Foundation.
This is not the first time these fraudulent attempts are being made in the cryptocurrency space.
In fact, TRON Foundation itself had suffered another phishing attack in a similar fashion earlier in February. Hackers were able to hijack a verified Twitter account and change its handle to @TronfoundationI to clone the real @Tronfoundation.
Among others, Binance was also one of the victims of this verified-account phishing attacks.
Twitter says that changing one’s username should result in losing the verified-profile privilege. If this feature worked as described though, these scams shouldn’t have been possible.
Please note: changing your username will result in losing your badge. Questions? File request at http://t.co/zb2ykUyF we’ll get to it ASAP!
— Twitter Verified (@verified) July 19, 2012
Concerned users brought the phishing scam to the attention of Twitter CEO Jack Dorsey back in late-February.The Twitter chief confirmed the bug and assured the company is working on a solution.
Yes, we discovered this and are fixing process.
— jack (@jack) February 26, 2018
Despite these promises though, it is quite clear that the micro-blogging service has yet to deploy a fix for this bug. And given the wild volume of scams in the cryptocurrency space, Twitter better act quick.
We’ve contacted Twitter for further comment and will update this piece if we hear back.