2 min read

Imran Khan's Instagram account hacked to promote phoney Elon Musk $100 million crypto giveaway

Graham CLULEY

August 02, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Imran Khan's Instagram account hacked to promote phoney Elon Musk $100 million crypto giveaway

The official Instagram account of cricketing legend and former Pakistan Prime Minister Imran Khan was hacked yesterday in order to promote a cryptocurrency scam.

An unauthorised post and Instagram story briefly advised Khan's over seven million followers to visit a scam website that offered an Elon Musk-endorsed "crypto giveaway" of $100 million.

To make the scam appear more legitimate, the post was accompanied by a screenshot of a faked tweet claiming to come from Tesla boss Musk, and an endorsement message that pretended to come from Khan:

Thank you Elon Musk for 3 BTC. Go to the site and get money. Link in profile bio

In the story posted to Imran Khan's hacked account, a screenshot purporting to show 3 bitcoin being transferred to him was displayed.

Of course, there is no sign of the tweet on Elon Musk's genuine Twitter account.  It appears to be the concoction of the scammers themselves, who can mock up a fake tweet screenshot using tools found on any PC in mere seconds.

Elon Musk's image and name are commonly exploited by online criminals keen to dupe the unwitting into falling for a cryptocurrency scam.  Musk's enormous fame, fervent following in the crypto community, and regular erratic behaviour appear to be an ideal cocktail for those attempting to lure the unwary into making an unwise decision.

However, combining Musk's name with those of other public figures with large and loyal followings - such as PTI party chairman Imran Khan - opens up even more opportunities for scammers.

Clearly, there is a great deal of harm that could be done by having the social media accounts of high profile political leaders compromised - more, most likely, than the financial damage that could be done if followers were duped into participating into a cryptocurrency scam.

For instance, an attacker might use their access to a social media account to post misinformation to their millions of followers, or point them towards a webpage that installed malware onto their computers.

Control of Imran Khan's account was later confirmed to have been recovered.

Last week, the Twitter account of another high profile figure in Indian politics, PTI Secretary General and former Federal Planning Minister Asad Umar, was also hacked, and in May the email, Twitter, and Apple accounts of PTI party figure Hammad Azhar were also compromised.

It is unclear whether all of these accounts have been hijacked using the same techniques, but it clearly would be no bad thing if more care was taken in securing accounts with strong, unique passwords and multi-factor authentication.

Last year it was reported that Imran Khan's mobile phone may have been targeted by the notorious Pegasus spyware developed by controversial Israeli firm NSO Group.

tags


Author



Right now

Top posts

What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach Sophisticated Smishing Attack on Twilio Leads to Employee Credential Leak and Data Breach
Silviu STAHIE

August 09, 2022

1 min read
Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down
Silviu STAHIE

August 05, 2022

1 min read
Slope Wallets Blamed for $6 Million Solana Hack Slope Wallets Blamed for $6 Million Solana Hack
Silviu STAHIE

August 04, 2022

1 min read