Latest Twitter scam aims to capitalize on Moonbirds success — and snares Bernie Sanders' son's verified account

Quick Take

  • Scammers are using verified accounts on Twitter to pose to be the official Moonbirds account in an attempt to pilfer funds.
  • Bernie Sanders’s son Levi Sanders’s account was hacked, and the name was changed to “Moonbirds.”
  • Those behind the effort appear to be using a well-worn playbook. 

If you haven’t yet heard about Moonbirds, there are two big things to know.

For starters, Moonbirds is the latest non-fungible token (NFT) collection to reach blue-chip status, garnering over $200 million in sales volume this weekend.

But its success has also attracted a swarm of scammers who are using verified, apparently stolen Twitter accounts in an attempt to exploit the enthusiasm around the project and pilfer funds from users on the social media site.

“What are these Twitter @verfied accounts that keep spamming my mentions to promote NFT drops but then no crypto or NFT people follow them? This is bizarre," tweeted journalist Laura Shin, who appears to be just one of the dozens of users on the receiving end of the spam messages.

Justin Mezzell, a co-founder of Proof Collective, the group behind the Moonbirds collection, tweeted Monday morning that “these are scammers who purchase verified accounts" and pretend to be involved with the Moonbirds project.

It’s unclear if all the scam accounts are hacked accounts of actual verified users or if the verification status is purchased. Twitter did not address this question when contacted by The Block.

In one instance, U.S. Senator Bernie Sanders’s son Levi Sanders’s account appeared to be hijacked, with the account name changed to “Moonbirds.” The hijackers of the account then tweeted a link encouraging people to enter a giveaway. What followed were dozens of other tweets from the account that tagged Twitter users. 

 

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

Screenshot of Levi Sanders's hacked Twitter account

Sanders' account appears to have been re-controlled, with the handle changed back to "Levi Sanders" and some of the offending messages removed. However, numerous posts tagging numerous users are still available as of the time of writing. 

The scams follow the same pattern as other recent NFT-related scams on Twitter. Just last week, Twitter users were raising alarms about verified accounts that were tagging users to click on a fake free NFT airdrop link for Azuki, an NFT collection of 10,000 avatars.

Last month, scammers used verified Twitter accounts to steal a reported $1 million in a fake ApeCoin airdrop. One victim lost $500,000 worth of NFTs after connecting his wallet and approving transactions on a scam website.

It’s unclear what steps Twitter may take to prevent future scams of this kind. The company, which started offering NFT profile pictures earlier this year, doesn’t state in its current “Misleading & Deceptive Identities” policy what happens when scammers hijack verified accounts like Sanders’ to deceive users.

The company’s “spam” policy states that spamming can lead to temporary account locks or permanent suspension. But this would punish the users whose accounts were hacked versus the hackers themselves.

At the moment, users who are aware of the issues are reporting the scam accounts and warning others.


© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Anushree covers how U.S. businesses and corporations are moving into crypto. She has written about business and tech for Bloomberg, Newsweek, Insider, and others. Reach out on Twitter @anu__dave