The scam itself is pretty simple: the scammer hacks a Twitter-verified account, changes the name to “Elon Musk” or something similar, changes the profile picture to Musk’s current photo, and then begins tweeting as if they were the Tesla CEO.
The scammers showed up frequently in Musk’s mentions, often acting like they’re continuing a thought that Musk left off in a real tweet.
Then, they link out to a cryptocurrency scam, usually claiming Musk is doing a giveaway that requires users to send some of their own cryptocurrency to the scammer.
Recently, however, these scams have ventured outside of Musk’s mentions and into timelines. After hacking a verified account, the scammers have successfully “promoted” their tweets using Twitter’s ad service, effectively forcing their way into timelines of everyday users.
Twitter has attempted to combat these scams by blocking accounts without mobile verification from adding “Elon Musk” into their display name. But the scammers have circumvented these restrictions, sometimes by using different characters while still maintaining a display name that appears to be “Elon Musk” at first glance.
On Monday, the film studio Pathe UK’s Twitter account was hacked and used for fake Elon Musk cryptocurrency scams. The scammer subtly changed the “l” in “Elon” to a different character, presumably so the account name wouldn’t get automatically flagged by Twitter.
Pathe later said it regained control of its account, and deleted the fake Musk tweets. Pantheon Books also fell victim to a fake Musk hack, and its profile picture has since been deleted and its display name has been changed to “.”
The Pathe UK Twitter account was hacked this morning by an unknown third party. A series of unauthorised tweets were sent for which we apologise. The issue has now been resolved and we have taken back control of our account.
— Pathé UK (@patheuk) November 5, 2018
A Twitter spokesperson said the company does not comment on individual accounts, but offered the following statement:
“Impersonating another individual to deceive users is a clear violation of the Twitter Rules. Twitter has also substantially improved how we tackle cryptocurrency scams on the platform. In recent weeks, user impressions have fallen by a multiple of 10 in recent weeks as we continue to invest in more proactive tools to detect spammy and malicious activity. This is a significant improvement on previous action rates.”
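The look-alike display names described above get past a filter that compares raw strings. As an added illustration (not Twitter's filter and not code from the original article), this sketch reduces a display name to a comparison skeleton before checking it against a protected name; the confusables table, the `PROTECTED` policy and the sample handles are constructed assumptions.

```python
import unicodedata

# Small constructed subset of look-alike mappings (assumption); a production
# filter would load the full Unicode confusables data (UTS #39).
CONFUSABLES = {
    "I": "l", "1": "l", "|": "l", "\u04cf": "l", "\u0406": "l", "\u0399": "l",
    "0": "o", "\u043e": "o", "\u03bf": "o", "\u041e": "o", "\u039f": "o",
    "\u0435": "e", "\u0415": "e", "\u0395": "e",
    "\u041c": "m", "\u039c": "m",
    "\u0455": "s", "\u0405": "s",
    "\u043a": "k", "\u03ba": "k", "\u041a": "k", "\u039a": "k",
}

# Hypothetical policy: protected display name -> handles allowed to use it.
PROTECTED = {"Elon Musk": {"elonmusk"}}


def skeleton(name: str) -> list[str]:
    """Reduce a display name to lowercase ASCII-like tokens for comparison."""
    # NFKD folds fullwidth/styled letters and splits accents from base letters.
    decomposed = unicodedata.normalize("NFKD", name)
    # Drop combining marks (Mn) and invisible format characters (Cf, e.g. U+200B).
    visible = (c for c in decomposed if unicodedata.category(c) not in ("Mn", "Cf"))
    # Map look-alikes before case folding so capital "I" can stand in for "l".
    mapped = (CONFUSABLES.get(c, c) for c in visible)
    # Keep letters, digits and whitespace; emoji and punctuation are discarded.
    cleaned = "".join(c for c in mapped if c.isalnum() or c.isspace())
    return cleaned.casefold().split()


def imitated_name(display_name: str, handle: str, protected=PROTECTED):
    """Return the protected name this display name imitates, or None."""
    tokens = skeleton(display_name)
    for name, owners in protected.items():
        wanted = skeleton(name)
        n = len(wanted)
        hit = any(tokens[i:i + n] == wanted for i in range(len(tokens) - n + 1))
        if hit and handle.casefold() not in owners:
            return name
    return None


# Constructed sample accounts: (display name, handle).
SAMPLES = [
    ("Elon Musk", "elonmusk"),             # the real owner: allowed
    ("E\u04cfon Musk", "some_studio"),     # Cyrillic palochka in place of "l"
    ("EIon Musk", "some_publisher"),       # capital I in place of "l"
    ("Elon\u200b Musk \U0001F680", "x1"),  # zero-width space plus emoji
    ("Melon Husk", "fruitfan"),            # similar-sounding, not an imitation
]

if __name__ == "__main__":
    for display, handle in SAMPLES:
        print(repr(display), handle, "->", imitated_name(display, handle))
```

A match here is a signal for review rather than proof of abuse, since the mapping deliberately treats distinct characters as equal.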