Serpent
Web3 Marketing & Security. I expose scams. Anyone claiming to be me is a scammer, verify by DMing me.
Apr 14, 2023 • 9 tweets • 4 min read
🚨 TWITTER URL SPOOFING EXPLOIT 🚨

Scammers are exploiting a flaw with Twitter's website preview cards to show a legitimate website but have it redirect you to a phishing site.

Here's how it's currently being exploited to drain wallets 🧵👇

1/ There is an ongoing exploit that allows people to spoof what the Twitter website preview shows. It can be manipulated to show any website's preview, and take you somewhere completely different.

This is possible in both tweets & DMs.
Dec 17, 2022 • 12 tweets • 7 min read
🚨 Analysis of how a scammer stole 14 BAYCs worth over 852 ETH ($1.07 million) today through a month-long social engineering scam.

Here's how it happened 🧵👇

1/ The scammer (@JasonBrubeck) contacted the victim (@_sevenseason_) and asked to license IP rights for BAYC #2060. They claimed to be a casting director working for "Forte Pictures" which is an LA based Emmy award winning company with offices at Sony Pictures Studio.
Dec 15, 2022 • 7 tweets • 3 min read
🚨 CRITICAL DISCORD EXPLOIT 🚨

A few days ago, a dangerous Discord XSS exploit was found and exploited. This allowed hackers to steal your Discord token from clicking on an official Discord link.

Here's how it worked 🧵👇

1/ For those who don't know, cross-site scripting (XSS) is an attack vector in which the attacker injects malicious executable scripts onto a vulnerable website.
Aug 21, 2022 • 19 tweets • 10 min read
🚨 CURRENTLY RUNNING TWITTER SCAMS 🚨

In this thread I've compiled a list of the most popular currently running crypto/NFT scams on Twitter.

Here's how they work 🧵👇

🚩🚩 UNICODE LETTERS 🚩🚩

Scammers have started spoofing URLs using lookalike unicode letters

In this case, they are changing the letter "i" to a lookalike character from a non-English alphabet

The URLs respectively resolve to:
• xn--premnt-s9a[.]xyz
• xn--premnt-zva[.]xyz
Jun 25, 2022 • 12 tweets • 5 min read
🚨 FAKE FILE EXTENSION SCAM 🚨

Scammers are spoofing file extensions to disguise malicious files as PDFs and targeting artists, influencers, and projects.

This is how it works 🧵👇

1/ In this case, artist @RabbitinM was first messaged about a commission for his art. He was sent a zip file containing what the customer wanted, with examples and sketches. What seemed to be a normal commission turned bad when the artist went to view the customer's request.
May 10, 2022 • 11 tweets • 7 min read
Using an exploit with Google ads, scammers are able to make the real and scam URL look exactly the same.

Already ~100 ETH stolen 🧵👇

1/ After clicking the top link, you will be redirected to one of these phishing sites. On the phishing websites, they have two types of scams going on.

One will try to get your seed phrase, and the other one calls a Refund() method and attempts to drain your wallet balance.
Apr 17, 2022 • 9 tweets • 3 min read
🚨 NEW PHISHING SCAM 🚨

Already $650,000 stolen from a single individual and it's going to happen to a lot more people.

This is how it happened 🧵👇

1/ On April 15th, @revive_dom received multiple text messages asking to reset his Apple ID password and at 6:32 PM he received a call from "Apple Inc." which was a spoofed caller ID.

They claimed that there was suspicious activity on his Apple ID and they asked for a one-time