Phishing Scams Are Evolving
A new wave of crypto scams is exploiting social media, with attackers creating fake X (formerly known as Twitter) accounts to impersonate prominent influencers.
These accounts lure unsuspecting users into fraudulent Telegram groups, where victims are deceived into installing malware.
This malware, delivered through sophisticated social engineering tactics, targets and compromises crypto wallet data, leaving users vulnerable to significant losses.
Users Lured into Telegram Groups
In a 10 December post on X, blockchain security firm Scam Sniffer revealed how scammers are exploiting social media by impersonating prominent crypto influencers through fake X accounts.
These imposters strategically comment on legitimate posts, luring users with promises of exclusive investment insights and "alpha" tips.
Victims are then directed to Telegram groups where they are prompted to complete a verification process via a bot named OfficiaISafeguardBot.
This bot manipulates users with urgency, compelling them to act quickly.
However, the so-called verification is a cleverly disguised trap.
By complying, users unknowingly execute malicious PowerShell code injected into their clipboard, which downloads malware designed to compromise their systems and steal sensitive data, including crypto wallet information.
Scam Sniffer reported that the malware has been flagged as harmful by VirusTotal and cited past instances of similar attacks resulting in private key theft and significant financial losses.
All recent cases investigated by the firm shared this fraudulent verification method.
Scams Becoming More Sophisticated & on the Rise
Scam Sniffer has raised alarms about the evolving sophistication of crypto scams, emphasizing how easily attackers can impersonate legitimate services.
This growing trend, described as a "scam-as-a-service" model, reflects how creators of wallet-draining malware lease their tools to phishing networks.
While malware targeting everyday users is not new, the combination of fake X accounts, Telegram groups, and malicious bots represents a troubling escalation.
The prevalence of such scams on X has skyrocketed.
Scam Sniffer's monitoring system detected an average of 300 impersonation accounts daily in December, nearly double November's figure of 160.
These accounts actively promote fraudulent links and tokens, causing significant financial harm.
At least two victims have reportedly lost over $3 million each through these schemes.
The security firm warns that this surge in scam activity highlights the increasingly organised infrastructure behind such operations, a sentiment echoed by other cybersecurity organisations.