A Twitter bot phishing scam is on the rise, scanning every tweet you post in an attempt to steal the contents of your crypto wallet.
Would-be attackers use Application Programming Interfaces (APIs) to identify Twitter users in need of customer support.
These APIs scour every public tweet for a range of keywords which trigger fake bot accounts to respond.
A test conducted by BleepingComputer showed tweets with words like ‘support,’ ‘help,’ or ‘assistance,’ coupled with ones like ‘MetaMask,’ ‘Phantom,’ ‘Yoroi,’ and ‘Trust Wallet’ trigger automatic replies linking to fake Google forms hoping to steal your information.
For example, a user tweeting about being locked out of a MetaMask wallet will receive several replies from fake MetaMask customer support accounts.
Bleeping Computer first wrote about the novel phishing scam in May. Since then, scammers have widened their list of targets, with more bots than ever hungry for your seed phrase.
Inundated with Twitter bot replies
We posted a bait tweet hoping to trigger phishing bots and received several scam responses in just a few seconds.
- Scammers direct the Twitter user to Google forms asking for their seed phrase.
- A seed phrase, or recovery phrase, is a 12-word password that, when shared, allows scammers to take control of the wallet by adding it to their own device.
- Most of these Google forms look fairly rudimentary, but some seem more convincing.
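The indicators above (a reply claiming to be wallet support, a link to a Google form, a request for the seed phrase, and an arrival within seconds of the original tweet) can be turned into a simple triage check for incoming replies. The script below is an added illustration, not code from BleepingComputer or this article: the reply record layout, the `OFFICIAL_SUPPORT_HANDLES` allowlist and the sample replies are constructed for the example, and the two-indicator threshold is an arbitrary choice.

```python
"""Heuristic triage of Twitter replies for crypto-wallet support-scam indicators.

Added illustration, not code from BleepingComputer or the article. The reply
records are constructed here in a shape a collector might produce; the field
names and the OFFICIAL_SUPPORT_HANDLES allowlist are assumptions, not a real API.
"""
from __future__ import annotations

import re
from datetime import datetime, timezone

# Wallet brands the article reports being impersonated.
WALLET_BRANDS = ("metamask", "phantom", "yoroi", "trust wallet")

# Placeholder allowlist: a deployment would fill this with the handles the wallet
# vendors actually publish. Any other account claiming to be support is suspect.
OFFICIAL_SUPPORT_HANDLES = {"example_official_support"}  # placeholder, not real handles

GOOGLE_FORM_RE = re.compile(r"https?://(docs\.google\.com/forms|forms\.gle)/", re.I)
SEED_PHRASE_RE = re.compile(r"\b(seed|recovery|secret)\s+(phrase|words?)\b|\b12[- ]word", re.I)
SUPPORT_CLAIM_RE = re.compile(r"\b(support|help ?desk|assistance|recovery service)\b", re.I)

# Replies arriving this soon after the original tweet are almost certainly automated.
FAST_REPLY_SECONDS = 60


def _parse(ts: str) -> datetime:
    """Parse an ISO-8601 timestamp (trailing 'Z' allowed) into aware UTC."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00")).astimezone(timezone.utc)


def scam_indicators(reply: dict) -> list[str]:
    """Return the names of the indicators that fire for one reply record.

    Constructed schema: handle, display_name, text, created_at,
    in_reply_to_created_at (the last two as ISO-8601 strings).
    """
    found = []
    text = reply["text"]
    name_and_handle = f"{reply['display_name']} {reply['handle']}".lower()

    if GOOGLE_FORM_RE.search(text):
        found.append("google_form_link")
    if SEED_PHRASE_RE.search(text):
        found.append("asks_for_seed_phrase")

    # Self-identifies as support for a named wallet but is not an official handle.
    claims_support = bool(SUPPORT_CLAIM_RE.search(name_and_handle) or SUPPORT_CLAIM_RE.search(text))
    names_brand = any(brand in name_and_handle for brand in WALLET_BRANDS)
    if claims_support and names_brand and reply["handle"].lower() not in OFFICIAL_SUPPORT_HANDLES:
        found.append("impersonates_wallet_support")

    delay = (_parse(reply["created_at"]) - _parse(reply["in_reply_to_created_at"])).total_seconds()
    if 0 <= delay <= FAST_REPLY_SECONDS:
        found.append("automated_reply_speed")

    return found


def is_suspect(reply: dict) -> bool:
    """Two or more independent indicators: treat the reply as a likely phishing bot."""
    return len(scam_indicators(reply)) >= 2


def triage(replies: list[dict]) -> dict[str, list[str]]:
    """Map each suspect reply's handle to the indicators that fired."""
    return {r["handle"]: scam_indicators(r) for r in replies if is_suspect(r)}


# Constructed sample replies to a tweet asking for MetaMask help (no real accounts).
SAMPLE_REPLIES = [
    {   # typical bot: fake support name, Google form, seconds after the original tweet
        "handle": "metamask_help_desk_77",
        "display_name": "MetaMask Support",
        "text": "Sorry for the trouble! Fill this form with your 12-word recovery phrase "
                "and we will restore your wallet: https://docs.google.com/forms/d/EXAMPLE",
        "created_at": "2022-07-18T10:00:07Z",
        "in_reply_to_created_at": "2022-07-18T10:00:00Z",
    },
    {   # paid "recovery service" variation: no form, but support claim, brand name, fast reply
        "handle": "cryptorecoverpro",
        "display_name": "Wallet Recovery Service (MetaMask, Phantom)",
        "text": "DM us, our recovery service restores locked wallets for a small upfront fee.",
        "created_at": "2022-07-18T10:00:12Z",
        "in_reply_to_created_at": "2022-07-18T10:00:00Z",
    },
    {   # ordinary human reply hours later
        "handle": "alice_dev",
        "display_name": "Alice",
        "text": "Try reinstalling the extension and re-importing, that fixed it for me.",
        "created_at": "2022-07-18T13:41:00Z",
        "in_reply_to_created_at": "2022-07-18T10:00:00Z",
    },
]


if __name__ == "__main__":
    for handle, hits in triage(SAMPLE_REPLIES).items():
        print(f"{handle}: {', '.join(hits)}")
```

Running it flags the first two constructed replies and leaves the human one alone. The speed indicator on its own is deliberately not enough to mark a reply, since a fast human answer is possible; it only adds weight to an account that also looks like fake support or asks for a seed phrase.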
Twitter bot phishing now a common con
Bleeping Computer has seen a rise in scams involving Twitter APIs. It found that bots are now also phishing for the crypto held in Cardano wallet Yoroi and Solana wallet Phantom.
A similar con peddled on both Discord and Twitter tricked users into handing over their NFT collections by pretending to be OpenSea support staff.
And while an eagle-eyed Twitter user might be able to spot a bot tweet from a mile off, there’s a variation of the con which is just as prevalent.
In this version, the bots respond with a recommendation for a third-party account recovery service. The mark pays upfront for the tech support — only to be ghosted.
Potentially less financially devastating, but annoying nonetheless.
In case it needs repeating, do not ever give out your seed phrase.