Scammers are students of human psychology, whether it’s duping you into clicking on a bogus email or offering fake free stuff on social media.
And dropping Elon Musk’s name into a scam to lure the unsuspecting is a popular strategy for crooks, according to a new report.
"Elon Musk is an incredibly popular target for scammers and spammers on social media. Attach his name to something he has no involvement in and watch it fly," Malwarebytes Labs said this week in a blog post.
Since October 2020, reports to the Federal Trade Commission of cryptocurrency scams have spiked with almost 7,000 people reporting losses of more than $80 million with a median loss of $1,900, according to the FTC.
That's about 12 times the number of reports and nearly 1,000% more in reported losses compared to the same period last year, the FTC said.
The giveaway scams typically trade on famous names. More than $2 million in cryptocurrency was lost to Elon Musk impersonators over just the past six months, according to the FTC.
Malwarebytes says one scam making the rounds starts like this: a Twitter account goes viral with a popular tweet. Then a bot account replies with a screenshot. In this case it appears to show Elon Musk, on Twitter, saying:
"Just google 'Topmid Dust Watch' and thank me later," – a reference to a map in the popular video game "Counter-Strike."
These schemes "usually lead to portals ‘selling’ the item for a grand total of $0," Malwarebytes said.
What the scammers want is your address and credit card information to ship you the "free" product, according to the report.
Generally speaking, you should avoid products in the replies of social media posts, Malwarebytes said.
"The same goes for promotions pushed by accounts you know, or even verified accounts. There’s always a chance what you’re seeing is the result of a compromise," the report said, adding "you’ve no idea what waits at the other end of a link."
The aim of the ploy is to bypass spam detection, Malwarebytes said. Gmail and Outlook, for example, detect most scams and spam, so it can be a challenge for scammers to get through these filters set up by Google and Microsoft, respectively.
A scammer posing as Elon Musk walked away with $560,000 back in February.
In that case, a man received a Twitter notification that appeared to be from Elon Musk.
"Musk tweeted, 'Dojo 4 Doge?’" the man told the BBC, referring to the cryptocurrency dogecoin.
The fake competition invited participants to send up to 20 bitcoin (over $1 million at the time) and they would double their money. The man sent 10 bitcoin and lost it all to the scammers.
It was the most ever lost in a single transaction, the BBC said, citing Whale Alert, which tracks cryptocurrency transactions.
Scammers made $18 million in the first three months of this year, eclipsing the $16 million made in all 12 months in 2020, according to Whale Alert.
"Unfortunately it's very easy for con-artists to create social media accounts and impersonate people," Bitcoin.org says on its website.