Eradicating Giveaway Scams —No Easy And Effective Method Found

What was Michael Saylor having to allocate some of his time for on Saturday evening last week? Giveaway scams!

A giveaway scam is a social engineering attack that uses impersonation to appear legitimate when trying to trick victims into sending their bitcoin.

A spot check on Youtube finds that this one specific website from that PSA has since been taken down, but found from this spot check instead was that over a half dozen other giveaway scam live stream videos impersonating him exist. Each of these new videos had a different website being promoted, but all of those website domains had just recently been registered. In other words, countering these scammers by getting their videos and websites taken down is like playing a game of whack-a-mole.

And it is not just Michael Saylor being impersonated. Cardano’s Charles Hoskinson has repeatedly expressed exasperation on the topic of giveaway scams. In September, a scammer succeed in taking over the Bitcoin.org website and ran a giveaway scam impersonating a “Bitcoin Foundation”.

The list of individuals and organizations impersonated for giveaway scams is extensive:

• Elon Musk — (Tesla / SpaceX / Starlink / Boring Co / SNL appearance / Doge)
• Vitalik Buterin (Ethereum / ETH)
• Charles Hoskinson (Cardano / ADA)
• Michael Saylor (MicroStrategy)
• And many more: Winklevoss (Gemini), CZ (Binance), Shiba Token mascot (Shiba / SHIB), DogeCoin mascot (DogeCoin / DOGE), Brad Garlinghouse (Ripple / XRP), Justin Sun (BitTorrent / BTT), Chamath Palihapitiya (Social Capital), Barry Silbert (Grayscale), Brian Armstrong (Coinbase), Yuzo Kano (Bitflyer), Mark Zuckerberg (Facebook), Tim Cook (Apple), Bill Gates (Microsoft), Jeff Bezos (Amazon), Cathie Wood (Ark), Jack Dorsey (Twitter), etc.

Potential Solution

As described in a post a few months ago, the solution to this problem will most likely involve changing the economics of the giveaway scam so that it is no longer a profitable endeavor. How can this be done?

• Decrease revenue to the scammer, by helping to get the giveaway scam website taken down (or made inert). A site taken offline results in no further revenue to the scammer, so effecting a takedown promptly is the key. A secondary benefit from getting a site taken down is that it increases awareness in those who would then click the scammer’s link to get to the site, thinking the offer was legit, who will then see that the site no longer exists — or even better, see a “Suspected Phishing” warning.
• Increase the cost for a scammer to continue scamming. If a scammer’s site is taken down, but the scammer is persistent (and they all are), they will have to pay again to register a new, replacement, domain, to set up a new hosting account, etc. This is costly not just in direct costs, but in the time and effort expended as well. Additionally, a site being taken down renders worthless the previous efforts in promoting that site, which frustrates the scammer and works to discourage them from continuing by setting up another giveaway scam.
• The data collected provides the ability for analysis with the aim of being able to identify the big phish (pun intended) and to lock their funds, if they weren’t smart enough to avoid custodial exchanges. This also increases the risk to the scammer of being prosecuted for engaging in the scamming.

Method to implement the solution

For the past eight months, a proof-of-concept (PoC) has been underway. In that time, this PoC has taken down nearly 1,500 websites — with (eventual) success found in over 99% of the website takedown attempts. The process goes as follows:

• Identify giveaway scam takedown candidates (discovered through Twitter, and Youtube, mostly), then determine which candidates are the lowest hanging fruit and/or have a higher priority.
• Perform take down procedures (currently an entirely manual process for the most part, taking about 20+ minutes of labor per giveaway scam website)
• Monitor status periodically (e.g., daily), and then update a database as additional relevant information is obtained. We have built some rudimentary but effective automation for this part, at least.

The efforts for this PoC were performed by two individuals, allocating some of their spare time. The project involved close collaboration, and the process does not scale, as it is currently practiced. Additionally, taking an educated guess, fewer than one quarter of all the giveaway scam takedown candidates that exist will get discovered by the existing process.

Even when a takedown candidate is discovered, a decent percentage of them do not make the cut to be pursued for a takedown attempt — usually due to lack of time (from the volunteers). Thus, priority was given to takedown candidates having certain criteria:

• Candidate websites where bitcoin was solicited were selected ahead of candidates that solicited altcoins
• Candidates where the attempt had a low chance of resulting in a takedown (e.g,. uses a domain registrar that ignores take down requests) were not pursued

The initial aim of the PoC was to see if there might be an easy and effective way to eliminate the giveaway scam scourge. After the first hundred or so takedowns, it was determined that there would be no easy and effective method. But the PoC continued for a number of months further to try to learn more about the problem and to suggest how best to get it solved. Having reached that point, the phase of this endeavor, involving uncompensated volunteers, is reaching an end.

With funding, the work performed during the the PoC can be continued (the two volunteers would receive compensation for further efforts, going forward) while at the same time work can begin on improving the methods for building a working solution. This would involve improving the take-down methods, acquiring and/or building data collection, monitoring, and reporting systems, adding automation where it makes sense, hire a little additional (contract) help, and otherwise move towards scaling up, which is a requirement for the objective (i.e., eliminate the profit incentive in running giveaway scams) to be reached.

Without being able to identify most of the giveaway scams that are out there, in addition to not pursuing all of the candidates discovered (due to resource constraints, primarily), this PoC has for the most part been ineffective at actually solving the problem. There seems to be just as many giveaway scams that exist today as there were when efforts for this PoC first began.

However, with funding both of those hurdles can be overcome.

Approaches To Obtaining Funding

Raising funds would likely be difficult for this project. There’s no revenue even when there is great success in solving the giveaway scam problem. So that leaves just a few options:

- Donation based (e.g., tips, and/or something like a Patreon)
- Sponsors (including website mentions)
- Targeted grants (e.g., Vitalik provides funds specifically for taking down the giveaway scams where he is the one being impersonated)

While the current volunteers feel that the giveaway scam problem is indeed solvable, they are not in a position to continue their efforts, nonetheless improve the method and to scale, without sufficient funding.

And considering the experiences of other projects using one or more of the funding approaches from above, there’s no expectation that funding from these methods would result at a level sufficient to be able to continue. Does that mean this PoC project comes to and end then? That needn’t be the case.

There’s one other approach that has been considered, and to obtain feedback on that approach, am sharing it here.

The Giveaway Scam NFT

Seriously? Seriously.

The domain name for a giveaway scam is unique, and has attributes beyond the name. Just like artwork.

Example Giveaway Scam NFT

Why would anyone want to buy this NFT? Well, maybe they saw a Tweet, such as this one sent during the PoC (image below), likes what was done, and wants to support the efforts by the organization formed [name TBD] to get these giveaway scam sites taken down.

Example of where anyone can alert the bot about a giveaway scam

Or perhaps these NFTs are interesting to Elon Musk and the others impersonated in these giveaway scams, and they would buy. If those NFTs are selling, the organization would have an incentive then to prioritize any takedown candidates where the resultant NFT (once taken down) would produce revenue.

The same concerns as described above come in to play though — the current PoC volunteers are not in a position to continue the PoC (as volunteers) to try this approach for a number of months and see if this NFT concept will eventually work.

So this post is essentially a summary of where things are at today and to seek feedback on the NFT idea and/or guidance as to how (or if) to try to further pursue a solution for the giveaway scam problem.

Update: A question was asked … why not crowd-source the effort? Good question. That’s not anything organized but there’s nothing stopping anyone from finding giveaway scam videos and attempting a take down on their own. Phish.Report helps with identifying the registrars and hosting companies.

Thoughts?

My e-mail is BitcoinPhishing@ProtonMail.com, or my DMs on Twitter are open: @BitcoinTech.

And there’s also a Telegram group for discussion: t.me/GiveawayScamNFTs