Kaspersky researchers have uncovered a new wave of spam attacks that spread via direct messages on Twitter and steal cryptocurrency from affected users.

Twitter is known as one of the most popular social networks in the world, with around 400 million monthly active users. Lots of people who don’t know each other interact and exchange ideas here, so a direct message from a stranger may not surprise eager Twitter users so much at first.

In this message, a stranger asks us for urgent help: He is having difficulty accessing his account on a cryptocurrency exchange, so he asks you to help him withdraw a certain amount of cryptocurrency from his wallet. In the message, it indicates the domain name, username, password and the amount of crypto money in the wallet and often reaches hundreds of thousands of dollars. Kaspersky experts believe that a stranger could potentially offer victims a small amount of money in exchange for help with withdrawals. However, this is nothing more than a trap set up to target as many users as possible.

The stranger types a domain name with a space especially before the period to bypass email protection tools

By visiting the domain name shared by the foreigner, the victim finds himself on a site claiming to be an investment platform. After the user enters the username and password received from the foreigner, he actually goes to the foreigner’s account where the specified amount is. It is quite remarkable that the mere appearance of the site can arouse mistrust on the part of a potential victim; We have a poorly designed page with a poor design, where the contact list creators are not names and photos, only emails.

As stated in the message, six-figure sums of money are appearing in the stranger’s account.

In order to withdraw money from the account, the victim is asked to provide their own wallet address, blockchain and – surprisingly – an additional password, but the victim does not have an additional password. Thus, the platform offers the victim a way to transfer funds directly into the system, in which case no additional password is required; just create an account with VIP status which costs a small amount.

As soon as the victim registers in the system and enters their crypto wallet data to pay for the VIP status, the money in their account is stolen. In summary, the user is somehow incentivized to create a VIP account and pay for it, but the victim receives nothing in return and loses all their tokens.

The platform publishes an instruction on how to create a VIP account

Kaspersky security specialist Andrey Kovtun said: “First, we uncovered a mechanism where attackers offer to help strangers withdraw funds from a crypto wallet in order to steal funds from the victim’s account. Unfortunately, this crypto scam is far from the only example. Cryptocurrency remains an extremely hot target for attackers as more users open their cryptocurrency wallets and convert their currencies into coins. The blockchain is also a system that allows attackers to steal money without leaving a trace, which does not help matters. We expect more sophisticated examples of crypto scams to appear soon, so all crypto users should know how to protect their accounts, wallets, and coins. said.

Kaspersky offers users recommendations to avoid falling victim to these spam attacks:

Be careful if the message itself is in a state of panic. Spammers often try to exert pressure by creating a sense of urgency. For example, the subject line is “urgent” or “urgent action needed” to compel you to take action. sözcümay contain clear.

Be aware of how you react to spam messages. In any case, it is best not to click or open spam emails. If in doubt, be careful in deleting posts you are unsure of. Responding to a spam message was a dangerous practice. This alerts scammers that your address is a live email address and invites more spam. Do not click on links or open attachments in spam emails to avoid downloading malware or falling victim to a phishing attack.

Even if you receive a message or letter from one of your best friends, remember that their account may also have been hacked. Either way, be careful. Even if a message seems friendly, approach links and attachments with caution.