Malicious actors have reportedly infiltrated the New York Post’s X account, using it to send scam direct messages (DMs) to unsuspecting crypto users. The incident highlights the growing trend of social engineering attacks targeting individuals in the cryptocurrency community.
Key Takeaways
- Hackers accessed the New York Post’s X account to send scam DMs.
- Users received messages inviting them to participate in a podcast and to contact via Telegram.
- The scammer blocked replies to prevent detection by the New York Post team.
- This incident follows a similar compromise of another crypto-related account.
Details of the Incident
On May 3, the first reports of the scam emerged when Alex Katz, founder and CEO of Kerberus, shared a screenshot of a suspicious message purportedly from journalist Paul Sperry. The message invited recipients to join a podcast, directing them to communicate through Telegram, a common platform for scams.
Cybersecurity experts noted that the scammer’s approach was unusual. Instead of posting a fraudulent link or wallet address, they opted for direct messaging, which allowed them to engage users more personally. This tactic is becoming increasingly popular among scammers, as it helps establish trust before attempting to defraud victims.
How the Scam Works
- Direct Messaging: The scammer sends a private message from the compromised account.
- Invitation to Podcast: Users are invited to participate in a podcast, creating a sense of legitimacy.
- Telegram Communication: Victims are directed to Telegram, where further scams can be executed.
- Blocking Replies: The scammer blocks replies to prevent the New York Post from being alerted to the breach.
Previous Incidents and Trends
This is not the first time the New York Post’s verified account has been compromised. In 2022, an employee hacked the account to post inappropriate messages disguised as headlines. The current incident reflects a broader trend of social engineering attacks, particularly in the cryptocurrency space.
Cybersecurity engineer Drew pointed out that the method of infiltration might involve a Zoom exploit, where enabling audio could inadvertently grant network access to the scammer. This technique has been used in other scams, including one where a CEO lost $100,000 in crypto assets after a similar Zoom interaction.
The Growing Threat of Scams
Scammers are increasingly using social media and video conferencing platforms to target individuals. The shift to direct messaging allows them to build rapport with potential victims, making it easier to execute their schemes. As the cryptocurrency market continues to grow, so does the risk of scams, with malicious actors constantly evolving their tactics.
Conclusion
The compromise of the New York Post’s X account serves as a stark reminder of the vulnerabilities present in social media platforms. Users are urged to remain vigilant and skeptical of unsolicited messages, especially those that request personal information or direct them to external communication channels. As the landscape of online scams continues to evolve, awareness and caution are key to protecting oneself from potential threats.
