The San Diego State University team uncovered nearly a million dollars were scammed from victims via the Lists feature on Twitter — now called X.
Researchers from San Diego State University in California developed an artificial intelligence (AI) system to identify, track and expose free cryptocurrency giveaway scams on X (formerly Twitter).
Called GiveawayScamHunter, the automated system discovered 95,111 scam lists between June 2022 and June 2023 that were created from 87,617 accounts on the X social network.
The researchers used the tool to autonomously extract website and wallet addresses associated with the scams. In doing so, they were able to collect 327 scam giveaway internet domains and 121 new scam-related cryptocurrency wallet addresses.
The first step to approaching the problem involved identifying a new vector of attack for cryptocurrency giveaway scams: Twitter Lists. Due to the permissionless nature of the Lists feature on the social network, it presents a simple networking tool for scammers to exploit.
To determine which lists dealt with giveaway scams, the team trained a natural language processing tool on data from previously identified giveaway scams.
The researchers were able to identify nearly 100,000 instances of giveaway scam lists using this method, which allowed them to compile data on previously unreported scam websites and wallets.
Using this data, the team gleaned numerous insights into how these scams unfold, how scammers target victims and the approximate number of victims scammed during the one-year study period.
Per the paper:
“By tracking the transactions of the scam cryptocurrency addresses, this work uncovers that over 365 victims have been attacked by the scam, resulting in an estimated financial loss of 872K USD.”
The scientists reported their results and the associated accounts, domains and wallet addresses to both X and the cryptocurrency/blockchain community. However, according to their paper, 43.9% of the associated accounts remain active as of its Aug. 10 publication — though the researchers do note that the majority of these are likely spam accounts not in active use.