Cybersecurity analyst Serpent has revealed his picks for the most encrypted and non-perishable (NFT) token scams currently active on Twitter.
The analyst, who has 253,400 followers on Twitter, is the founder of artificial intelligence and community-backed crypto risk mitigation system, Sentinel.
In a 19-part thread published on August 21, Serpent explained how scammers target inexperienced crypto users by using fake websites, URLs, hacked verified accounts, fake projects, fake airdrops, and lots of malware.
One of the more troubling strategies comes amid a recent wave of phishing and protocol snooping. Serpent explains that cryptocurrency recovery scams are being used by bad actors to deceive those who have recently lost their money to a large-scale hack, stating the following:
“Simply put, they are trying to target people who have already been scammed, and claim they can get the money back.”
According to Serpent, these scammers claim to be blockchain developers and are looking for users who have recently been victims of a large-scale hack or exploitation, asking them to pay a fee to publish a smart contract that can recover their stolen funds. Instead, they “take the fee and run.”
This was seen in action following the multi-million dollar exploit that affected Solana’s wallets earlier this month, with Heidi Chakos, host of YouTube Crypto Tips, warning the community to beware of scammers offering a hack solution.
Another strategy is also taking advantage of recent exploits. According to the analyst, the Fake Revoke.Cash scam, tricks users into visiting a phishing site by warning them that their crypto assets may be at risk, using a “state of urgency” to get users to click on the malicious link.
Source: Serpent on Twitter
Another strategy uses Unicode messages to make the phishing URL look exactly like a real URL, but replace one of the characters with a Unicode-like appearance. Meanwhile, another strategy sees scammers hack a verified Twitter account, which is then renamed and used to impersonate an influential person to take out fake mint leaves or airdrops.
The remaining tricks are aimed at users who want to get into the get-rich-quick scheme. This includes the Uniswap Front Running scam, often seen as a spam bot that tells users to watch a video on how to “make Uniswap Front Running $1,400 a day”, which instead tricks them into sending their money to the scammer’s wallet.
Another strategy is known as a Honeypot account, where a private key is supposed to be leaked for users to access a loaded wallet. But when they try to send crypto in order to fund a currency transfer, they are instantly sent away to the crooks’ wallets via a bot.
Other tactics include asking high-value NFT collectors to “beta test” a new play-for-profit (P2E) game or project, or assigning mock work to NFT artists. But, either way, the trick is just an excuse to send malicious files that can get rid of your browser’s cookies, passwords, and extension data.
RELATED: Aurora Labs details the ‘cool and deceptive’ crypto scam that nearly fell into it
Last week, a report from Chainalysis indicated that cryptocurrency scam revenue has fallen by 65% in 2022 so far due to lower asset prices and the exit of inexperienced crypto users from the market. The total revenue for crypto scams year-to-date is $1.6 billion, down from nearly $4.6 billion in the previous year.
