Security Experts:

Connect with us

Hi, what are you looking for?



Ongoing Bitcoin Scams Demonstrate Power of Social Engineering Triggers

Bitcoin scams have soared over the last seven months. The surge started around October 2020, and the scams are continuing today.

Bitcoin scams have soared over the last seven months. The surge started around October 2020, and the scams are continuing today.

On May 17, 2021, the FTC announced, “Since October 2020, reports have skyrocketed, with nearly 7,000 people reporting losses of more than $80 million on these scams.” It describes two scam methods. The first is to lure targets to bogus websites that look genuine and offer investment opportunities. The second is effectively a celebrity scam, where the supposed celebrity promises to immediately multiply any bitcoin investment.

In the latter scam, the name Elon Musk is frequently used as the celebrity. Known for both his business acumen and interest in cryptocurrencies, he is used to add credibility to the scam. “For example,” says the FTC, “people have reported sending more than $2 million in cryptocurrency to Elon Musk impersonators over just the past six months.”

An example of a fake website that also used the Elon Musk celebrity name occurred this month. On May 13, 2021, the BBC reported that a schoolteacher had lost £9,000 (almost $12,750) after being lured to a fake website. The report gave no indication of how she was lured – but the website was a fake BBC website.

The scam itself was typical. A false news story claimed, “Tesla buys $1.5 billion in bitcoin, plans to giveaway $750M of it”. Only the latter part of the headline is false. In February 2021, Tesla really did buy $1.5 billion bitcoin, in order, it said at the time, to provide “more flexibility to further diversify and maximize returns on our cash.”

In the fake BBC website, grammatical pedants may have seen a red flag with the use of ‘giveaway’ (generally a noun) instead of ‘give away’ (the correct form for an action). Grammatical errors and typos are typical of scams, but otherwise the fake website is very convincing.

Fake BBC website

Fake BBC website used in bitcoin scam

The teacher invested £9,000, expecting to receive back £18,000 – but of course received nothing.

A month earlier, the BBC had reported on a Twitter-based scam with a far larger loss. On February 22, 2021, the real Elon Musk tweeted “Dojo 4 Doge”. A scammer, with the twitter name Elon Musk, responded offering a once-in-a-lifetime opportunity – send up to 20 bitcoin and receive double in return. The victim fell for it and sent 10 bitcoin which he immediately lost – around £497,000 (more than $700,000).

Today, security firm Bitdefender has reported on two similarly themed email campaigns. Tens of thousands of fraudulent Tesla-related emails have been sent in two separate campaigns. Both campaigns offer the same lure – send Elon Musk some bitcoin and he will return twice the amount. Both appear to have started around the same time: May 15, 2021.

The first campaign uses an attached PDF. There is nothing malicious about the PDF other than its message: “Our marketing department here at Tesla HQ came up with an idea: to hold a special giveaway event for all crypto fans out there.” The PDF includes details of how to submit bitcoin in order to receive twice the amount in return. A typical subject line for the emails reads, “ELON MUSK 5,000 B T C GIVEAWAY!”. Other emails, however, are targeted, including the target’s username.

In this campaign, almost 80% of the emails appear to be sent from IP addresses in Germany. “11% of the fraudulent emails have reached users in the UK, 79.26% in Sweden and 9.22% in the US,” say the researchers.

The second campaign is just an email, providing information on the fraudulent giveaway, and even including a Bitcoin Address QR Code to be scanned by participants. “If you would like to participate in the giveaway, it’s very simple!”, reads the email. “All you need to do is send any amount of Bitcoin (BTC), (between 0.1 BTC to 50 BTC) to our official contribution address for this event, and once we have received your transaction, we will immediately send back (2x) to the address that you sent the BTC from.”

According to the Bitdefender researchers, “This scam campaign has reached over 30,000 users across the globe. 16.73% of the spam emails originate from IP addresses located in Brazil, 14.15% in Russia, 6.32% in Indonesia, 4.91% in Turkey, 4.56% in Ukraine, 4.44% in Spain, 3.68% in the US, 3.63% in Italy, 2.16% in India, 2.11% in Romania and 1.93% in the Netherlands.”

Little is yet known on how successful the campaigns have been. However, Bitdefender notes, “At the moment, one of the crypto wallets used by the perps shows 31 transactions that translate to 1965.21 dollars.”

The lesson to be learnt from all these bitcoin scams is that it is almost impossible to prevent users from falling for good social engineering – whether it be scam or phishing. In this case the campaigns press all the right buttons: believability (Tesla really had bought $1.5 billion worth of bitcoin); celebrity endorsement (Elon Musk); urgency (before Tesla’s stock of bitcoins is depleted); and above all, greed (effectively something for nothing).

Related: Social Engineering: Attackers’ Reliable Weapon

Related: FBI: IC3 Received 6 Million Cybercrime Complaints Since Inception

Related: Software Icon McAfee Charged in Cryptocurrency Scam

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.


CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.


Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.