04/10/2021

Scam Twitter Bots Duping Users into Making Bogus PayPal Payments


Cybercriminals are deploying Twitter bots designed to dupe unwitting Twitter users into making PayPal and Venmo payments to accounts under the criminals' control.

The scam bots appear to be activated after a legitimate user asks another for payment details, presumably finding these tweets via searches for keywords such as ‘PayPal’ and ‘Venmo’, or the names of other online payment services.

The bots disguise themselves as the user who was asked, pulling that user's profile image and adopting a similar-sounding username. Next, they reply with false payment details, hoping the original tweeter will transfer payment into that account.

Twitter user ‘Skye’ (@stimmyskye) posted a screenshot online revealing how they were targeted, along with details of how the bot blocks the account that it is mimicking. In their case, the bot scraped the entire profile, with only an easy-to-miss underscore added at the end of the username.

“Because you’re blocked, you’ll see that there’s one reply to that question but the reply tweet won’t show up,” Skye explained. “If you see a ghost reply to a comment like that, it’s almost always a scam bot. They delete as fast as they clone your account. You won’t even know it’s happened.”

“They will delete the reply tweet,” Skye went on, “but the account itself will usually not be deleted, just change the username. So the accounts are usually not brand new, they even have followers. You need to check closely.”

PayPal and Venmo, along with other popular online payment services, are frequently used to pay for goods, such as resold event tickets, or to make charity donations. This latest Twitter scam, however, highlights the real dangers of making or disclosing any form of transaction on a public platform.

Skye’s tweets, which also claimed that the scam bot issue could be months or even years old, have been positively received by the Twitter community, as shown by thousands of likes and retweets.

“A failsafe option is to ask for payment info via DM only, or request they be sent to you via DM,” Skye advised fellow Twitter users. “With DMs, either you’ve got them closed so the scam bot can’t send you any, or you’ve got them open and it’ll show as a DM request rather than just appear in your inbox.”

“It would be extremely easy to detect and prevent this behaviour, let’s hope that @TwitterSupport finally does something about it…I would like for this warning to become obsolete.”
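A payer-side check for the lookalike handle described above, as an added example that is not part of the original article and not any platform's own detection logic. Every handle other than @stimmyskye, the confusable-character map and the distance threshold are constructed assumptions.

```python
# Added example: flag reply handles that imitate the user who was asked to pay.
# Assumed, non-exhaustive map of characters often swapped in lookalike handles.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "i": "l", "5": "s"})


def skeleton(handle: str) -> str:
    """Comparison form: drop '@', case, underscores and lookalike characters."""
    return handle.lstrip("@").lower().replace("_", "").translate(CONFUSABLES)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance computed with a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_reply(expected: str, author: str, max_distance: int = 1) -> str:
    """Return 'genuine', 'lookalike' or 'unrelated' for a reply author's handle."""
    exp, got = expected.lstrip("@").lower(), author.lstrip("@").lower()
    if exp == got:  # handles compare case-insensitively
        return "genuine"
    s_exp, s_got = skeleton(exp), skeleton(got)
    # Same skeleton catches the trailing-underscore clone; the distance check
    # (threshold is an assumption) catches a single added or changed character.
    if s_exp == s_got or edit_distance(s_exp, s_got) <= max_distance:
        return "lookalike"
    return "unrelated"


def suspicious_replies(expected: str, replies: list) -> list:
    """Handles in a reply thread that imitate the expected payee."""
    return [r["author"] for r in replies
            if classify_reply(expected, r["author"]) == "lookalike"]


# Constructed sample thread: replies to "what's your PayPal?" sent to @stimmyskye.
SAMPLE_REPLIES = [
    {"author": "@StimmySkye", "text": "I'll DM you my details"},
    {"author": "@stimmyskye_", "text": "send it here: (payment link)"},
    {"author": "@ticket_fan_42", "text": "are the tickets still available?"},
    {"author": "@st1mmyskye", "text": "my paypal is (payment link)"},
]

if __name__ == "__main__":
    print(suspicious_replies("@stimmyskye", SAMPLE_REPLIES))
```

With very short handles a distance of 1 will also match unrelated accounts, so the threshold should be tightened to an exact skeleton match in that case.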
