Don't let the Elon Musk crypto giveaway scam swindle you.
Dave Bittner: Hello, everyone and welcome to the CyberWire's Research Saturday. I'm Dave Bittner and this is our weekly conversation with researchers and analysts tracking down the threats and vulnerabilities, solving some of the hard problems of protecting ourselves in a rapidly evolving cyberspace. Thanks for joining us.
Shiran Guez: The fact that it was still going on, that was what made us so surprised and, and have challenged us to, to look at it once more.
Dave Bittner: That's Shiran Guez. He's senior manager for information security at Akamai. The research we're discussing today is titled "Chatbots, Celebrities, and Victim Retargeting: Why Crypto Giveaway Scams Are Still So Successful."
Shiran Guez: It's not very common to have a, a crypto scam or a scam that is being running for over five years.
Dave Bittner: Well, let's go through it together here. I mean, for folks who aren't familiar with how this scam works, can you walk us through it? How does it begin?
Shiran Guez: Yeah. OK. So, so it's actually beginning with a simple publication that, that is being running over either the Twitter or over even YouTube if we last saw the, the scams that, that were running there. Telegram channels, any social media that, that they -- that the threat actor kind of taps into. And it is often being triggered by some noticeable known, I would call it a celebrity, that, that is being talking about something that is related to crypto or even just talking about something that is putting the, the social public into the, the attention. That is kind of the trigger where the, the scammers are being tapping on and, and popping up all these kinds of social, social media publications around the crypto scam.
Dave Bittner: You know, I've been around long enough that I remember when these scams focused on Bill Gates. You know, you'd be on somewhere like Facebook or something like that and a message would pop up and it would say, "Hey, everybody, I'm Bill Gates and I'm giving away my fortune. And lucky you, you're going to get some." But -- so, the, the scam, it's kind of following the, the same model there. But is it fair to say that cryptocurrency has added fuel to the fire here?
Shiran Guez: Yeah, definitely, I do agree with, with that statement the -- that the crypto arena has been surging since at least 2000 -- 2018, crypto currencies like Dogecoin, Ethereum and even Bitcoin as the main driver have been surging in thousands of per- percentage. And since, since then, we have seen the rise of Dogecoin from 0.0 -- 0.5 to almost $1 which is thousands of percents over a very short periods of time. So, people have been jumping on the, what we call the, the FOMO kind of movement which is the fear of missing out. So, this was definitely a very big driver for people to, to have a life-changing kind of, kind of life changing success over using this kind of scams.
Dave Bittner: Yeah, it's interesting to me as you point out in the research here that it seems as though Elon Musk is the, the, the big lure in these, which I guess makes sense being known worldwide as a, a person with a lot of money and also someone interested in crypto. It was interesting to me that you all highlighted that not only do people pretend to be Elon Musk but there'll be a lot of scams where they sort of follow on to, to things that he might be publishing legitimately. That they'll, they'll find folks who are legitimate celebrities and they'll sort of tack on to what they're doing to try to draw attention and leech off of their audience that way.
Shiran Guez: Yeah, exactly. The -- we, we saw a lot of that kind of a, a methodology that they are using specially on Twitter where Elon Musk would tweet something around the Dogecoin or around cryptocurrency in general. And, and very soon after, you would see in the inner threads which, which are very, very noisy, you would see such messages that lure the crowd or lure the victims into, into tapping into the, the campaign publishing, "Hey, and I would give away this, this and that amount of money, just give me X and I will give you 2x or 10x," or whatever that, that the scammer has brought up.
Dave Bittner: The research digs into some of the scam kits that are out there, ways that folks can get into this business. Can you take us through that component of this? How, how does that work?
Dave Bittner: Let's go through some of the technical elements here that you all have shared in the research here. What, what are, what are some of the interesting things going on under the hood behind the scenes?
Dave Bittner: Well, let's talk about ways to prevent this. So, what are your recommendations for folks to best protect themselves?
Shiran Guez: That- that's a great question. So, so, so first, I, I would say, first and almost the bottom line, there are no free gif- gifts. No one is going to give you money back for any sum of money that you would give. There is no such no such, no such kind of magic of getting, getting back the money. I would say that if you are totally convinced that this is legitimate, I would definitely go and validate, go and validate the source basically, try to talk with the person. But, but this is something that definitely you should not, you should not expect to see money back on your, on your -- if you're sending any money to the, to the attacker. Not, not related to the stamping. Any- anytime that you are sending money to anyone, it, it should be as a consequence of you're getting a service, you are paying for a product. And you should always verify who, who you are paying to. The- there is no way around it. You should do your due diligence, your research about the person that you are paying the money. But for that scam specifically. I would say don't that there is no, there is no way free gifts for, for, for, for that.
Dave Bittner: Yeah. I, I think it's worth, you know, mentioning that I, I, I suspect for our audience, they probably consider themselves fairly sophisticated and, and wouldn't imagine falling for this sort of thing. But that's not necessarily true of our friends and family. And so, I think it's important for those of us who have that level of sophistication to be sure to get out there and spread the word about this sort of thing. Because as you mentioned, you know, this has been around for a while. It's evolved some which is what you all are tracking here but it stays around because it works.
Shiran Guez: Exactly. The, the scam is very easy, right? It's, it's they are, they are simply releasing kits everywhere that they are sending like a, a net and then -- and luring the fishes into the net. That that's a, that's a very, you know, easy scam from, from their side and very lucrative. We see that -- initially when, when that phishing campaign started, they asked for a specific amount and they said that they are going to return your specific amount. But over time, they'd said, "Wait, I don't need a specific amount. Send any amount and I will send you double." And, and basically -- and, and, and you can see that, that people are, are -- people that, that are not aware are trying. They're -- they are, they are trying -- they are sending like small amounts. There are people that are falling with large amounts and, and this is very, you know, unfortunate. But, but overall, you, you would see that there are a lot of transactions that, that are happening with these scammers because people are unaware. That- that's the most concerning part.
Dave Bittner: Our thanks to Shiran Guez from Akamai for joining us. The research is titled "Chatbots, Celebrities, and Victim Retargeting: Why Crypto Giveaway Scams Are Still So Successful." We'll have a link in the show notes. The CyberWire Research Saturday podcast is a production of N2K Networks, proudly produced in Maryland out of the startup studios of DataTribe where they're co-building the next generation of cybersecurity teams and technologies. This episode was produced by Liz Ervin and senior producer Jennifer Eiben. Our mixer is Elliot Peltzman. Our executive editor is Peter Kilpe. And I'm Dave Bittner. Thanks for listening.