Elon Musk is an incredibly popular target for scammers and spammers on social media. Attach his name to something he has no involvement in and watch it fly. Verified accounts on Twitter continue to be favourites for account compromise / fake Elon scams. Those often turn out to be Bitcoin related. Sometimes, it’s on a grand scale.
There are other Elon scams out there, though.
Elon, word searches, and watches
Here’s one currently doing the rounds on Twitter. It’s not Bitcoin for a change, nor does it appear to exclusively be the domain of verified accounts.
What happens is this:
A Twitter account goes viral with a popular (or even semi-popular) tweet.
An account which is almost certainly a bot replies to the popular tweet. They don’t appear to post anything coherent which is peculiar. You don’t want your fake message to loudly proclaim “I’m fake”, but we’re already perilously close in this instance. Two random words are mashed into a reply, along with a screenshot.
The screenshot appears to show Elon Musk, on Twitter, saying:
Just google “Topmid Dust Watch” and thank me later.
He hasn’t said anything of the kind, but anyone searching for this phrase will be met with…well…bafflement, for the most part.
Scrabbling in the dust
The aim of the game here is presumably to bypass spam detection, via images of bogus tweets. The very common name of the watch in this case (“Dust watch”) means the results are filled with YouTube videos and gaming articles about the popular CounterStrike map “Dust”. As far as results regarding watches go, there’s just a few scattered here and there. Easy to miss in a plethora of gaming pages and videos!
Now, we can’t say which site is tied to the spam messages on Twitter. The site responsible may already be offline. Instead, let’s outline what happens should you search for this product.
A “free” watch?
Tactics such as the above usually lead to portals “selling” the item for a grand total of $0. What you actually pay here is shipping only, calculated once you enter your address. However, you may not want to get your credit card out just yet.
This isn’t a recent marketing technique; sites giving away free stuff and “just” charging shipping have been around for years. And sites doing so-called limited time offers on shipping only watches had some attention in 2017.
What do offers really cost online?
Generally speaking, people should avoid suggestions to go search words and / or products in the replies of social media posts. The same goes for promotions pushed by accounts you know, or even verified accounts. There’s always a chance what you’re seeing is the result of a compromise. You’ve no idea what waits at the other end of a link, or indeed search result. It might be a slight peculiar watch offer, or something else altogether like phishing or malware.
If it’s too good to be true…well, you know the rest.
The post Nope, that isn’t Elon Musk, and he isn’t offering a free Topmist Dust watch either appeared first on Malwarebytes Labs.