This is an automated archive.
The original was posted on /r/cryptocurrency by /u/mejonz12 on 2023-08-11 21:16:49+00:00.
Very early today I was browsing through Twitter and noticed an embedded site graphic for a DAO that was offering a giveaway for signing up. So, I checked the account of the Tweet and it seemed legit, a reasonable number of followers and ‘followed’ listed. Ok, then I looked up this particular ‘Kxxxxx.dao’ on Google, there was a listing for it. I went back to Twitter and clicked the embedded graphic link with the said Tweet. BUT!!! Here’s the kicker. After going to the site on after I clicked the higlighted link within the graphic, it was for the site ‘Kxxxxx.doa’ and not .dao. Did not notice it until it was too late.
Here is what happened before I discovered my oversight. After going to the erroeous link, the site then asked me to connect my wallet, which I did (Metamask). Got to Metamask and was directed by Metamask to go from Arbitrum One network(my network location from a previous session) to Ethereum mainnet. In doing so, I had to pay gas of course. And before I knew it was drained of $ETH in going from Arbitrum One to Ethereum and then drained again of further $ETH once I was in Ethereum Mainnet to establish an account with the now phoney website to pickup the supposed ‘claim’. After paying the gas I couldn’t establish an account at this phoney site, kept getting an error message of sorts.
Now here is where it gets really interesting. I placed a response as a reply to this particlular phishing tweet and told the public reading my response about the tweet citing what may be a phishing site and to be wary. I got a few like responses from Twitter users about this within 10 minutes or so. I then placed a report within Twitter about the particular Twitter account, answering the bot questions that one must respond to flag the account as a scamming suspect.
Fine, that done, I totalled up the ‘damage’ to my Metamask account and an hour or two later, returned to my Twitter account only to find that all traces of my account notifications containing my ‘like’ responses to this particular tweet were missing and I could not, utilizing my notification listing find ANYTHING of the original TWEET thread itself. That to me is very suspicious, because older threads within my notification listings were still there.
So, nothing from TWITTER about my report of the original tweet that I responded to or even an acknowledgement of my reporting on this tweet.
I suspect that there is someone working within Twitter that is gaming the system there and is knowledgeable enough to effect some phishing scams to crypto enthusiasts. Especially those that didn’t have their morning coffee.
Be forewarned. And don’t forget that coffee before you clickit. ;)