Like everyone else with open Twitter DMs, my Message Requests box is a trash can. Junk messages pile up like pizza toppings.
They are an eclectic mix of PR outreach, spam, crypto campaigns and sometimes religious proselytizing.
But this morning I got a message that really piqued my interest. A stranger named Eddie sent what appeared to be his private crypto key and a request to transfer its contents to his wallet.
Money for nothing
The wallet reportedly contained 9,860 Tether (USDT) tokens. Tether is a stable coin. Each crypto token is equivalent to one dollar. For my stake, Eddie would allow me to keep 300 USDT tokens, or $300.
I wasn’t born yesterday. This was obviously a scam. But it was a scam I hadn’t seen before. Twitter is full of cryptogrifters, but most are pretty mundane.
The most common tactic sees hacked verified accounts posing as well-known crypto maximalists like Elon Musk. These accounts promise to double people’s money, provided they send a certain amount of crypto to another address.
And there are pump-and-dump schemes. Bad actors will build a following of other crypto-enthusiasts and aggressively promote a particular token, ICO or dApp product.
As interest increases, so do prices. When the token reaches a certain level, the promoters will withdraw money, leaving their gullible victims to bear a massive loss.
These two scams are as endemic as they are tedious. But the message I got earlier this morning? I hadn’t seen that before. That piqued my interest.
Keys to the kingdom
Okay, so here’s the thing: Private keys should be kept… well… private.
They are analogous to the PIN code on your debit card. If someone else knows, there’s little to stop them from draining your account.
Many crypto scams try to steal victims’ private keys. This scam apparently did the exact opposite. That’s what made it so exciting.
Fortunately, I’m not the first person to be targeted. While this scam is not as common as the infamous Elon Musk Twitter scam, it has happened to enough people to be reasonably well documented.
Step on the gas
Before I dissect this scam, I need to explain some Crypto 101 to you.
Cryptocurrencies are decentralized. Transactions are processed, verified and recorded by other computers in the network. This requires dedicated computing power, electricity and storage space.
To incentivize people to run these nodes, many cryptocurrencies charge transaction fees (or “gas fees” in the Ethereum world). These fees reward node operators.
With me so far? Good. Let’s go back to the scam.
If a victim recreates the wallet, they will see that every symbol promised in the original message is there. But they will also see that the wallet lacks the funds necessary to make the payment.
So the victim passes on the gas charges. These are usually a fraction of the promised cut. They will still make money.
But here’s the trick: the wallet is connected to a smart contract. These sound complicated. They are not.
Simply put, smart contracts are computer programs that perform specific actions when a condition is met. In this case, the smart contract will automatically transfer any gas fees that hit your wallet.
This happens within seconds. Smart victims will realize they have been tricked. Stupid victims will send the gas money again and again, thinking that something went wrong and they have to try again until it finally works.
Each time, the scammer deducts the gas fees from the crypto transaction.
If it sounds too good to be true…
I sound like your dad here. And no, I don’t care. If something sounds too good to be true, it almost certainly is.
No one will offer a random stranger free money for something as superficial as restoring their wallet. People don’t hand over the contents of their crypto wallets to strangers. Especially when they contain the web3 equivalent of thousands of dollars.
Fraud is particularly terrible because it exploits the weaknesses that make society necessary. The (usually positive) qualities such as trust, kindness and a willingness to help others.
And they are almost always more effective in times of real economic strife. Desperate people are often more willing to take risks.
That is why the sale of lottery tickets increases during recessions. It’s also why MLM companies (which are thinly veiled pyramid schemes at best) found it easier to recruit during the turmoil of the COVID-19 pandemic.
We have two weapons against fraudsters: skepticism and awareness. One is developed, the other is learned. As such, I would encourage you to share this post with anyone you think may be a victim of this type of private key scam.
Do you have any thoughts on this? Transfer the discussion to ours Twitter or Facebook.
Editors’ recommendations:
