Why is Twitter Struggling to Stop CryptoCurrency Scams?

For months now Twitter has been under fire for allowing cryptocurrency scams to flourish on its platform.

Even though the company has admitted its aware of the problem, and has claimed to be working on a fix, nothing has changed and scams continue to proliferate, making us wonder if Twitter is even capable of stopping the cryptocurrency scams.

Surely there must be some programmatic checks that can be put in place to at least minimize the damage being done by bad actors on the Twitter platform.

Where it all Began

It’s difficult to say where it all began, because for as long as I can remember there have been cryptocurrency scams floating around on crypto-Twitter.

In the past many of these were of the pump and dump type, where a small alt-coin was promoted heavily by a group just to pump up the price of that coin so it could be sold by the scammers, or dumped, for a nice quick profit.

The most recent example of this was taken to a new level after hackers took control of John McAfee’s Twitter account in December 2017 and tweeted about a “coin of the day”. He was able to quickly regain control of the account, which has the handle @officialmcafee, and tweeted this:

Later he wrote to his hundreds of thousands of Twitter followers:

Beware The Giveaway

The McAfee giveaway scam must have been quite successful, because a month later scammers were at it again with a giveaway scam, but this time with a faked Charlie Lee account.

Charlie Lee is the creator of Litecoin, and is known to be very active on Twitter. In late January 2018 scammers began creating fake accounts with handles similar to the real @SatoshiLite handle used by Lee. For example, one tweet looked like this:

“I am donating 180 Litecoin to the LTC community. First 60 transactions with 0.3 LTC sent to the address below will each receive 3 LTC to the address the 0.3 LTC came from LKGMCZZxp4hSCkwDQCuefBiwh93diTKt2z Don't miss out. Claim your LTC now!
— Charlie Lee [LTC] (@SatoshiLitez)”

Note the extra “z” at the end of the Twitter handle.

While experienced cryptocurrency enthusiasts and Twitter users would notice the difference, many novice users would easily be tricked. And the scammers got their message spread far and wide quickly by replying to any tweets or comments made by Charlie Lee himself, making it look even more like the giveaway was authentic.

And if that wasn’t enough, a new month saw a new scam as imposters began targeting Vitalik Buterin, the creator of Ethereum, in February 2018.

Early in February the real Buterin had tweeted satirically that if users sent him 0.1 ETH, he would send them nothing, “because I am too lazy.” Scammers, posing as @VitalikButter or @VitalikButerjm, took advantage of his tweet by replying to it with tweets continuing to ask for small amounts of Ether.

But if you send me 0.2 ETH, I will send 2 ETH back to your address, because I can. My address: 0xCDDd354cd8550c5E30eaB2d63cDC48156a344f0A
Beware of fakes!#eth #ethereum #airdrop #donation pic.twitter.com/PiHzc3xUl4
— Vitalik Buterin (@VitalikButerjm) February 8, 2018

While all the above mentioned scammer accounts have since been suspended, there are new ones being created all the time, and Twitter seems to be unable to keep up with the onslaught. Other crypto-celebrities have also been targeted, as have cryptocurrency wallets, exchanges, and altcoin projects.

Evolution of Twitter Scams

Of course as the community becomes increasingly aware of scams, the scammers become increasingly resourceful and tricky. The latest round of scams has seen scammers taking over “Verified” Twitter accounts and using these to establish trust.

The Verified accounts are those with a blue checkmark, and while this blue checkmark is only intended to verify identity, it has become a badge of trust on Twitter. Only it isn’t, because verified accounts have been traded, sold, and yes hacked.

Worst of all is that a verified account can change its name and handle, which is exactly what happened to the Tron Foundation, which offers the cryptocurrency $TRX. It’s official Twitter handle is @Tronfoundation, but in February an @Tronfoundationl account appeared – with a blue verification checkmark!

It turns out that the scammers hacked the verified account of non-profit @LiteracyBridge and subsequently changed the name and handle of the account. Twitter spokespeople claim that this should have removed the verified checkmark, but for some reason this was not the case. The account has since been suspended, and there’s no way to know how much the scammers were able to steal using the fake verified account, but this is only one example of many.

Making all these scams even more damaging has been the use of bot-nets and fake user accounts. Basically these accounts are used to share and upvote the scamming tweets, thus adding social proof and fooling other users into taking action, or to retweet the scam tweets as well, spreading them further.

No More Verification

Twitter suspended public requests for verification all the way back in November 2017 as evidenced by a tweet from @TwitterSupport:

This message was repeated following the Tron Foundation scam, so it’s obvious that Twitter is aware of the issues being caused by their verification system. Yet it remains in place, even if it isn’t accepting new requests for verification. And here we are 7 months later, no closer to any solution to the issue.

How Will Twitter Stop the Scams 

As I said, Twitter is aware of the problem, and CEO Jack Dorsey has both acknowledge there is a problem, and that the verification system is broken. He’s also tweeted that they are working on a solution, but as we all know, there has been no solution forthcoming so far.

Techmeme founder Gabe Rivera suggested that Twitter could at least police the verified accounts, looking for changes to usernames, real names, profile pictures and header photos. Certainly there aren’t so many changes among verified users that it would be too difficult to have an actual human check each account with such a change.

Another suggestion was to block the creation of account handles that are similar to the known or verified cryptocurrency projects and leaders. The thinking is that there’s really no good reason to create a handle that’s basically the same as a cryptocurrency celebrity, or a blockchain project, or one of the popular wallets. In almost every case the only reason to create one of these closely related alternate accounts is to scam people, or to perform some other nefarious action.

There have also been suggestions that Twitter find a way to scan for “grouping” type behavior. That is, many of the bot-nets tend to swarm around the same types of fraudulent and scam posts, retweeting and upvoting en masse. Because these bot-nets work together it should be possible to discover at least some of the networks simply based on the shared behavior.

Another suggestion is to give people more control over what appears in their feeds, similar to the way Facebook allows users to specify not only who sees their posts, but what posts they see. In this way Twitter users could defend against the spammers themselves by only allowing trusted people’s tweets be seen in their feed. Of course this diminishes the utility of Twitter to some extent, and might not be the best solution. 

As for Twitter themselves, they’ve been quiet on the matter, aside from acknowledging that it exists. So, when a solution is finally implemented it will be a surprise to us all, and will almost certainly cause a good deal of consternation in the crypto Twitter-verse, despite the good intentions.

It’s also possible the initial solution won’t work as planned, and further iterations and tweaking will be necessary to get things mostly right.

Conclusion

It isn’t realistic to think that Twitter will be able to completely rid its platform of spam and scammy actors. The reality is that scammers can come up with new methods for stealing from people almost as fast as fixes can be put in place.

It should be possible to limit the number of scams occurring, and this is what Twitter needs to put in place as soon as possible. It’s been far too long that these scams have continued, robbing thousands of people of millions of dollars.

And it isn’t just the cryptocurrency space that has a scam problem.

Bot-nets and scams exist in the dating, eBay, and Amazon niches, and likely in many more. In fact, some have suggested that up to 15% of all the Twitter accounts are fake or bot accounts. And it has also been suggested that Twitter, which is graded by investors at least in part by its number of users, isn’t all that interested in cutting its userbase by 10-15% for fear of investor backlash.

Whatever the case, something needs to be done, and soon. If Twitter fails to at least provide some relief from these bot-nets and scams it’s likely they have to worry about a declining user base anyway – as real users decide that it simply isn’t worth using the service any longer due to the deluge of bots and fake accounts.