It may have been inevitable that Elon Musk cryptocurrency “giveaway” scams, inviting Internet users to scan QR codes before potentially surrendering personal information and even personal capital, would come along, and circulate via social media sites and content-sharing sites like Twitter, Facebook, TikTok and YouTube.
And come along they have. At various stages, and circulating on various social media platforms.
PC Risk has details of something it calls an the Elon Musk Twitter Giveaway scam. It categorises this particular scam, which appears to have taken place in December 2022 (but also earlier too), as involving “phishing,” “social engineering” and “fraud.”
But there is another scam too, apparently, happening away from Twitter – on YouTube – involving Elon Musk and QR codes.
‘Elon Musk Twitter Giveaway’ scam explained
The one that played out on Twitter last year was a fake cryptocurrency giveaway scam.
It claimed that anyone who sent crypto tokens – i.e., bitcoin or ethereum – to a specific wallet address, that wallet would send twice as much in return.
The scammers behind it impersonated Elon Musk using a fake Twitter page. The disguise they used – beyond being Musk himself – was that amid his Twitter buyout, certain developments had made it possible or beneficial for him to offload large quantities of cryptocurrency tokens.
“Once we receive your transaction,” read the text on the webpage in question, “we will immediately send the requested amount back to you.” Except, they were never going to. Because it was a scam.
How does the Elon Musk QR code scam differ from the one that happened on Twitter?
While the Twitter-based scam encouraged its victims to transfer cryptocurrency tokens to a particular wallet address, no one seems to have fallen too hard for the Elon Musk QR scam – yet. And that’s despite its use of what looks like deepfake technology.
Within the last two months, however, at least two threads have appeared in the Scams subreddit about a Live video popping upon people’s YouTube home screens featuring Elon Musk talking about Bitcoin with Jack Dorsey.
Both OP’s “fell for it,” but neither appears to have lost anything. The scam reportedly involves an old video of Musk and Dorsey. Except, its producers make it look new by including recent news events in the header. A Twitter user has shared what looks to be an example of it, showing Elon Musk discussing cryptocurrencies and Tesla in a large conference hall, before a QR code comes up.
It then shows a QR code, which it invites audiences to scan. One Reddit user says they scanned it, and then a webpage popped up asking if they were human.
What happened next?
They closed the webpage.
The other user says the Elon Musk QR code sent them to a website that “failed to load.”
“I didn’t give them any personal information,” the user added. They closed the webpage and had done with it. And thereby likely saved themselves some hassle.
As PC Risk says in its report on the Elon Musk Twitter Giveaway scam – and the same is likely true of the QR one discussed here – scammers can cause damage by stealing and using private information; they can gain financially by taking money in the form of cryptocurrencies and/or fiat currencies; and they can infect computers with malware.
If in doubt, use the rule of thumb: If it looks too good to be true, it probably is. Why would Elon Musk invite you to scan a QR code so that he could give you free money?
What to do if you fall for the Elon Musk QR code scam or similar Twitter giveaway scam
The main thing is to not send any money to anyone unless you’re absolutely sure of who you’re sending it to.
Losing money (or cryptocurrency tokens) is among the most painful ways of falling victim to a scam.
Secondly, if you do click on a link that takes you to what looks like a dodgy webpage, close it. Don’t linger, and don’t click on any links within that webpage.
And for anyone who thinks they might have downloaded something… phishy… PC Risk recommends Combo Cleaner. It describes it as a professional automatic malware removal tool. It is free to download, and may come in handy. Otherwise, manual threat removal can be a painstaking process.