What was meant to be a trending Twitter hashtag is turning out to be a scammers paradise to trick users into sending over money in the hopes they receive large sums of money back.
A new study published on Thursday, October 24, by Satnam Narang for Tenable, a company dedicated to cyber exposure, reveals that scammers have been taking advantage of the #CashAppFriday giveaway hashtag. Square, the creator of Cash App, promotes the hashtag every Friday, asking users to tweet to their official account their “cashtag” or username, to choose a random person to deposit money to through the app. As it turns out, it’s proven to be easy for scammers to copy.
Narang told Digital Trends that scammers make a fake Twitter account claiming they are Cash App or that they work for Cash App and direct message users who are using the hashtag. The scammers then tell the users that to verify their identity, they have to send them $10, which they promise they will return, plus more, as part of the Cash App money giveaway.
“While $10 isn’t a lot of money in the grand scheme of things, for some people it is, and the scammers know that,” Narang said.
These nefarious tactics also include scammers claiming they can turn that $10 into $100, as well as fake accounts using fake screenshots with the claim that they are giving away thousands of dollars from their Cash App account.
Narang said that the #CashAppFriday hashtag receives about 1.2 million Twitter mentions with a 1.4 billion reach every week, so it’s no wonder why scammers are cashing in — so to speak — on the popular trend.
“If you receive an incoming request in your Cash App for money to verify you’re real, ignore the request and report the user,” he includes as tips in his findings. “If you receive a message from someone saying you’ve won a Cash App giveaway and they include a link to a website that asks you to log in to your Cash App, it is almost certainly a phishing site.”
While online scams are nothing new (remember email chain scams from the ’90s?), Narang warns that as new platforms are created, scammers are going to take advantage of them and use new tactics.
Narang points to Tik Tok, which has gained massive popularity this year, and that scammers are infiltrating the platform by promoting adult dating apps and asking people to download them. While it’s not as serious of a scam as taking people’s money, it’s still something to look out for.
“Different types of scams basically adapt to the platforms that are provided,” he said. “As any platform comes into prominence, scammers are going to be ready and waiting because they know they have a built-in audience.”
But Narang said there are things to look for when it comes to scams like this online.
“The thing that is the biggest takeaway is if it sounds too good to be true it probably is,” he said. “Also, if the math doesn’t add up, it’s definitely shady.”
Tenable told Digital Trends that Cash App has been made aware of the scamming.
“We are aware of social media accounts that claim to be associated with Cash App. We have been working with Twitter and Instagram to deactivate all accounts that infringe our intellectual property rights (e.g., use our name or logo without permission) or seek to take advantage of our customers,” Cash App said in a statement to Tenable.
Cash App added, “As a reminder, the Cash App team will never ask customers to send them money, nor will they solicit a customer’s PIN or sign-in code outside of the app. Additionally, Cash App currently has only two official Twitter accounts, @cashapp and @cashsupport, both of which have blue, verified checkmarks. If you believe you have fallen victim to a scam, you should contact Cash App support through the app or website immediately.”
Digital Trends reached out to Twitter to comment on the scam, and we’ll update this story once we hear back.
- The 100 best Android apps (July 2021)
- Scammers find a new target: Teens on TikTok
- Dozens of major Twitter accounts hacked in massive Bitcoin scam
- Elon Musk says Bitcoin scammers impersonating him on Twitter are ‘not cool’
- Twitter CEO aims to overhaul verification as digital coin scams grow