Conning the Crypto Conman: End-to-End Analysis of Cryptocurrency-based Technical Support Scams
CoRR(2024)
摘要
The mainstream adoption of cryptocurrencies has led to a surge in
wallet-related issues reported by ordinary users on social media platforms. In
parallel, there is an increase in an emerging fraud trend called
cryptocurrency-based technical support scam, in which fraudsters offer fake
wallet recovery services and target users experiencing wallet-related issues.
In this paper, we perform a comprehensive study of cryptocurrency-based
technical support scams. We present an analysis apparatus called HoneyTweet to
analyze this kind of scam. Through HoneyTweet, we lure over 9K scammers by
posting 25K fake wallet support tweets (so-called honey tweets). We then deploy
automated systems to interact with scammers to analyze their modus operandi. In
our experiments, we observe that scammers use Twitter as a starting point for
the scam, after which they pivot to other communication channels (eg email,
Instagram, or Telegram) to complete the fraud activity. We track scammers
across those communication channels and bait them into revealing their payment
methods. Based on the modes of payment, we uncover two categories of scammers
that either request secret key phrase submissions from their victims or direct
payments to their digital wallets. Furthermore, we obtain scam confirmation by
deploying honey wallet addresses and validating private key theft. We also
collaborate with the prominent payment service provider by sharing scammer data
collections. The payment service provider feedback was consistent with our
findings, thereby supporting our methodology and results. By consolidating our
analysis across various vantage points, we provide an end-to-end scam lifecycle
analysis and propose recommendations for scam mitigation.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要