Getting this out quickly:
- Go to Trump’s twitter feed (sorry)
- Click a post, and look at the replies
- Find something similar to the following:
The youtube video is simply a link to a Cybertruck commercial. But the link in the image is a fairly nicely designed website impersonating Elon Musk’s Medium page.
The fake medium has one article, encouraging people to send crypto and receive double back as a marketing ploy. It then links off to sub pages for further instruction.
Press enter or click to view image in full size
Further,
, , , , you’re being impersonated at this medium clone.
A quick WHOIS reveals the following:
Press enter or click to view image in full size
I’ve reached out to the abuse email, explaining the above.
Going back to the Twitter user in question, https://twitter.com/iosuaopeta55
Looks like he used to be named Iosua Opeta, some NFL guy.
Press enter or click to view image in full size
The obvious attack vector here is finding a previously verified Twitter account, and changing the name. That little blue ribbon emoji looks a lot like a guarantee about the user’s name, doesn’t it.
I’ve reported to twitter that poor Iosua has been hacked.
Stay safe out there.