Scammers monitor every tweet containing requests for support on MetaMask, TrustWallet, and other popular crypto wallets, and respond to them with scam links in just seconds.
To conduct these targeted phishing attacks, scammers abuse Twitter APIs that allow them to monitor all public tweets for specific keywords or phrases.
If those phrases are present, these same programs will direct Twitter bots under the scammer’s control to automatically reply to the tweets as fake support agents with links to scams that steal cryptocurrency wallets.
These attacks are nothing new, and we reported on them in May. However, these attacks have expanded to other cryptocurrencies, and the scams continue to run rampant.
Therefore, we felt it was vital for our readers to revisit this attack and illustrate how it works, so you do not accidentally become a victim.