A Twitter account belonging to internet monolith Google has been hacked by cryptocurrency scammers, according to The Next Web. Specifically, it was the account of G Suite, a Google brand of products which include Gmail, Google+, and Google Drive.
Nigerian Prince
The post, which was reportedly up for around thirteen minutes, was the traditional crypto-giveaway:
As you can see, it asks for people to send money, in return for more back.
Responding to media requests for a statement, a Google spokesperson told Business Insider: "This morning an unauthorized promoted tweet was shared from the G Suite account. We removed the tweet and are investigating with Twitter now."
Attacking on a Wide Front
Now, John McAfee, anti-virus mogul-turned-cryptocurrency celebrity, says on his Twitter profile: "If you believe that anyone, at any time, for any reason, ever, gives money away to total strangers, then you deserve to get scammed." And indeed you may think it unlikely that anybody would fall for this kind of thing. But you would be wrong. A similar scam hit the Twitter accounts of clothing retailer Matalan and film studio Pathé UK last week (in that case, the scammers pretended to be Elon Musk, the diver-baiting billionaire), and people actually sent more than $150,000, according to NewsBTC.
Ten days later, retail giants Target and The Body Shop offered their Twitter followers similar deals.
Early this morning, our Twitter account was inappropriately accessed. The access lasted for approx. half an hour & one fake tweet was posted during that time about a Bitcoin scam. We have regained control of the account, are in close contact with Twitter & are investigating now.
— Target (@Target) November 13, 2018
These scams are so common that some popular users of Twitter have changed their usernames or profiles to permanently say that they never give away cryptocurrency, for example, Vitalik Buterin, whose username is "Vitalik Non-giver of Ether". However, this new wave of scams is worrying to people because, as you can see from the above image, there is a blue tick next to the username. This symbol means that the account has been verified as authentic by Twitter, a verification which may have lost some of its legitimacy now.
A spokesperson for Twitter told the Daily Telegraph: "Twitter has also substantially improved how we tackle cryptocurrency scams on the platform. In recent weeks, user impressions have fallen by a multiple of 10 in recent weeks as we continue to invest in more proactive tools to detect spammy and malicious activity. This is a significant improvement on previous action rates."
Google Security
This is particularly embarrassing for Google because it has been working hard to give the impression that it is working hard to stamp out cryptocurrency-related scams. In fact, earlier in 2018 it completely banned all cryptocurrency advertising and mining extensions, citing the prevalence of scams. It recently re-opened to a limited number of Blockchain customers, beginning of course with Coinbase.
It was not clear if the giant had actually made any changes that would effectively exclude fake advertisers, or if it was only following Facebook's lead because it didn't want to lose out on revenue. Only a few days after the ban was lifted, a legitimate cryptocurrency extension was removed from the Google application download site and replaced with a fraudulent one. It stayed up for a good few hours until someone (not an employee of Google) noticed.