The New York Post's X account on a popular microblogging platform has been targeted by malicious actors attempting to scam crypto users. Reports have surfaced from members of the crypto community who received private messages from the New York Post's X account, inviting them to participate in a podcast and directing them to contact via Telegram. The suspicious messages were first identified on May 3 by Alex Katz, the founder and CEO of Kerberus, who shared a screenshot of a message impersonating author and journalist Paul Sperry through the official nypost account.

Cybersecurity engineer and NFT collector known as "Drew" noted that the scammer had gained unauthorized access to the account but didn't immediately request funds or cryptocurrency. Instead, they engaged users in conversation and then directed them to continue the interaction on Telegram. The scammer would then block users from replying, preventing the real New York Post team from being alerted to the compromise.

Donny Clutterbuck from Fomojis, a platform within the NFT Bitcoin community, also fell victim to the hacker. He suggested that the scam could be exploiting a vulnerability in Zoom, possibly through enabling audio during a call. Clicking to enable audio could trigger a pop-up that offers the option to enable WiFi, potentially granting network access to the scammer.

Blockchain investigator ZachXBT pointed out the similarities between this incident and a previous compromise involving The Defiant's X account, where unauthorized direct messages were sent to users. Despite efforts to contact the New York Post for clarification, there was no immediate response, and the compromised messages were not visible on the NYP or Sperry's social media feeds.

This incident reflects a growing trend where scammers are leveraging social engineering techniques to target users through direct messaging, particularly on platforms like Zoom. In a recent case, Emblem Vault CEO Jake Gallen cautioned users about potential scams on Zoom after losing $100,000 in crypto assets. Gallen was also approached through a messaging platform for a Zoom interview, during which malware was installed to drain his wallets.

This is not the first time the New York Post's verified social media accounts have been compromised. In 2022, an employee hijacked the verified Twitter account to post inappropriate messages disguised as legitimate headlines. As scams in the crypto space continue to evolve, users are urged to exercise caution and verify the authenticity of messages and requests they receive, especially when directed to external platforms or services.

Source: https://cointelegraph.com/news/hackers-accessed-new-york-post-x-account-scam-crypto-twitter?utm_source=rss_feed&utm_medium=rss&utm_campaign=rss_partner_inbound