Crypto scammers abuse Twitter ‘feature’ to impersonate high-profile accounts
2023-12-20 20:17

Cryptocurrency scammers are abusing a legitimate Twitter "feature" to promote scams, fake giveaways, and fraudulent Telegram channels used to steal your crypto and NFTs. On X, formerly and more widely known as Twitter, a post's URL consists of the account name of the person who tweeted it and a status ID.

This allows you to take a URL for a tweet and change the account name to whatever you want, even that of a high-profile account.

BleepingComputer previously reported on this feature in 2019, when security researcher Davy Wybiral expressed concerns that the feature could be used for phishing.

While the example URLs looked like tweets from Binance, Ethereum, and zkSync, they instead redirected to an unrelated X user's tweets promoting crypto scams.

BleepingComputer observed tweets promoting fake crypto giveaways, websites that utilize wallet drainers, and Discord channels promoting pump-and-dumps.

Most users should immediately be able to spot a scam tweet by seeing that the account is different than what was in the URL. However, some, like the zkSync URL, may be missed as the scammer created an account with the company in their user name.
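The check described above, comparing the account name in a shared link with the account the post actually resolves to, can be automated. The following is an added example, not code from BleepingComputer or X; it assumes the resolved URL has already been obtained by following the redirect, and all handles other than the brand names, and all status IDs, are constructed sample values.

```python
import re
from urllib.parse import urlsplit

# Hosts that serve X/Twitter post URLs of the form /<handle>/status/<id>
X_HOSTS = {"x.com", "twitter.com", "mobile.twitter.com"}
STATUS_PATH = re.compile(r"^/([A-Za-z0-9_]{1,15})/status/(\d+)/?$")

def parse_status_url(url):
    """Return (handle, status_id) for an X/Twitter post URL, else None."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host.startswith("www."):
        host = host[4:]
    if parts.scheme not in ("http", "https") or host not in X_HOSTS:
        return None
    m = STATUS_PATH.match(parts.path)
    return (m.group(1).lower(), m.group(2)) if m else None

def classify(shared_url, resolved_url):
    """Compare the link as shared with the URL the platform redirected to."""
    shared = parse_status_url(shared_url)
    resolved = parse_status_url(resolved_url)
    if not shared or not resolved or shared[1] != resolved[1]:
        return "not-comparable"
    claimed, actual = shared[0], resolved[0]
    if claimed == actual:
        return "match"
    # The real author's handle embeds the claimed name: the case the
    # article says is easy to miss (company name inside the user name).
    if claimed in actual:
        return "lookalike-mismatch"
    return "mismatch"

# Constructed samples: (link as shared, link after redirect)
SAMPLES = [
    ("https://twitter.com/binance/status/1700000000000000001",
     "https://x.com/example_user1/status/1700000000000000001"),
    ("https://x.com/zksync/status/1700000000000000002?s=20",
     "https://x.com/zksync_gift/status/1700000000000000002"),
    ("https://x.com/ethereum/status/1700000000000000003",
     "https://x.com/ethereum/status/1700000000000000003"),
]

def run_samples():
    return [classify(shared, resolved) for shared, resolved in SAMPLES]

if __name__ == "__main__":
    for (shared, _), verdict in zip(SAMPLES, run_samples()):
        print(f"{verdict:20} {shared}")
```

A "lookalike-mismatch" result deserves the most attention, since the displayed account name will not look obviously wrong to the reader.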


News URL

https://www.bleepingcomputer.com/news/security/crypto-scammers-abuse-twitter-feature-to-impersonate-high-profile-accounts/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Twitter 6 1 7 1 0 9