It feels like the world is holding its breath, as we wait for news of the safe recovery of the remaining boys and their football coach trapped in a Thai cave since 23 June.
An international rescue effort has (at the time of writing) successfully extracted at least nine of the boys, who were required to dive through narrow, flooded passages flooded with water. Tragically, one diver on the rescue team – who was delivering supplies of air – died on 5 July, underlining the extremely perilous situation the kids found themselves in.
Truly harrowing, and I’m sure many hearts have ached hoping that there are no more casualties.
But you know who hasn’t been worrying a jot about all this? Scammers, of course.
Here’s Elon Musk, billionaire founder of Tesla and SpaceX.
He’s not a scammer, of course. But he is followed by over 22 million people on Twitter, and some of them asked if he had any ideas about how the trapped kids might be safely rescued.
Elon Musk’s proposal? A tiny submarine. Well, submarine is probably stretching things a little. It’s a skinny airtight capsule that can be guided through narrow spaces, and is just big enough for a kid to squeeze inside.
Simulating maneuvering through a narrow passage pic.twitter.com/2z01Ut3vxJ
— Elon Musk (@elonmusk) July 9, 2018
Understandably, Elon Musk’s proposal got a lot of media attention and the mini-submarine was raced out to Thailand to see if it could assist in the rescue mission. However, by the time it arrived it was clear that the rescuers did not currently require it.
Some mean-hearted folks online have suggested that Musk is just engaged in a publicity stunt, jumping on the coat-tails of such a high profile story that has gripped the world… but, you have to ask yourself what have those people done to help the boys?
But even those skeptics are better than the scammers who are exploiting both Elon Musk’s generosity and interest in the Thai cave rescue.
Because if you check out Elon Musk’s Twitter thread you’ll see messages like this:
Even if it’s not going to be used, it won’t harm to have it on hand. For any emergencies.
Also, remembered my promise from yesterday:
A promise from yesterday? I wonder what that is? The next message from “Elon Musk” in the thread is a link to a webpage promoting a “giveaway to all crypto fans”.
And if you click through you’ll be told that Tesla is offering to give away 5000 bitcoins (over US $32 million in real money). All you have to do, says the webpage, is send between 0.1 and 5 BTC and you’ll get “from 1 to 50 BTC back!”
Yeah, right!
Now, you might twig that this is a scam – but would all of Elon Musk’s followers be as quick to spot that someone is creating fake Elon Musk Twitter accounts (note that they don’t have the verified checkmark) and injecting themselves into the conversation to lead the real Musk’s millions of followers into the hands of online criminals?
Time and time again, crypto scammers are creating accounts in the names of known Twitter users and using devious tricks to fool their followers into believing they are reading a genuine message from a tech guru, journalist, or celebrity.
It’s not even the only scam being perpetrated in Musk’s tweet about the delivery of his mini-submarine.
The above series of fake Elon Musk tweets lead to a webpage that tells you if you send in 3 BTC or 30 ETH you will get your very own Tesla car!
It’s pretty sick that scammers are exploiting the horrendous situation in Thailand. Twitter needs to do much more to stamp out fake accounts abusing the trust of legitimate users. Everyone needs to be careful to verify that the messages they are reading really do originate from the person they think.
And let’s all hope that everyone is safely rescued without any further injury.
For more discussion on this topic, be sure to check out this episode of the “Smashing Security” podcast.
Smashing Security #086: 'Elon Musk submarine scams and 2FA bypass'
Listen on Apple Podcasts | Spotify | Pocket Casts | Other... | RSS
More episodes...
Surely – *surely* – the double-whammy of 'implausible giveaway' and 'advance-fee scam' (to say nothing of the cryptocurrency connection) is too much of an overreach for this scam to succeed.
Well, hopefully.