Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable 블로그

구독

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

Cash App Scams Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

Cash App scammers are targeting users on Instagram and YouTube. Here’s what you need to know about their tactics — and how to avoid being conned.

In part one of our two-part series on Cash App scammers, I explored how promotional tactics used by the popular person-to-person (P2P) payment service have been co-opted by scammers, particularly on Twitter. Here, I share additional details showing how similar cons are perpetrated on Instagram, and how scammers are also creating videos on YouTube to deceive users into believing they have a way to “hack” Cash App for free money. You’ll also find tips and guidance on how to keep your hard-earned cash from falling into the wrong hands.

Instagram Cash App Scams

Cash App scams on Instagram are mostly similar to those on Twitter, with some key differences based on how users interact on each platform. 

Similar to the Twitter #CashAppFriday promotion, Instagram users hoping to win the #CashAppFriday and #SuperCashAppFriday giveaways will leave comments on Cash App Instagram posts with their $cashtag hoping to be selected.

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

Once again, because users are publicly sharing their $cashtags, Cash App scammers can easily target them directly.

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

On the same Instagram post from @CashApp, users posted about receiving incoming  requests to send $20. One user provided an example account name, $cshfridayoffical, one of a myriad of Cash App accounts impersonating Cash App on its own platform.

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

A user also posted an image on their profile of a request they received during a recent #CashAppFriday. The post shows an incoming request through Cash App asking for $10 to “verify real account to get $500.” So it’s clear Cash App scammers are using the same tactics outside of Twitter to steal money from Cash App users.  

How Cash App scams differ on Instagram is through the way they adapt to the platform they use. On Twitter, Cash App scammers reply to #CashAppFriday tweets from @cashapp and the hashtag itself. On Instagram, the Cash App scammers look for users commenting on @cashapp posts with their $cashtag and follow those users, hoping they’ll look at their profiles.

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

The usernames vary and may include keywords like “cash,” “payroll,” or “rich” in them. Some are more direct with their intentions, including variations of the word “money” and “flip” in them.

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

These scammers aren’t explicitly targeting Cash App. Rather, as I previously noted, these are traditional money flipping scammers who’ve seen the tremendous popularity of Cash App and the #CashAppFriday giveaways and are trying to prey on desperate users seeking quick cash. 

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

In the Instagram posts above, a money flipping scammer is posting photos of someone with lots of cash in hand in their vehicle to entice users. They also tease an offer of flipping “$7 into $120,” setting the entry point very low for a potential victim. Finally, they have an example of a series of “Cashapp Flips” through which users can turn anywhere from $10 to $100 into $100 to $1,000. However, potential victims won’t see such returns.

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

In another Instagram Cash App scam profile, the scammer cautions users to have “at least $25” in Cash App or “any other bank acc.” This profile also includes conversations and images where the scammer supposedly sends money to users. While unconfirmed, it is suspected that these images were either doctored or involved other accounts the scammer operates.

While I did not engage with these Instagram Cash App scammers, since they operate under the model of money or cash flips, it’s clear how the conversation would go. They would ask for an initial payment, claim they have the ability to modify the transactions in the system, ask to be given a cut from the “flip” they perform and mention they have proof that their operation is legit. Clearly, the operation isn’t legit and they would run off with whatever money they would receive.

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

To underscore how pervasive the Cash App scams are on Instagram, the official Cash App Instagram account recently posted an image with a caption stating the service will “never request money from you.” 

YouTube Cash App Scams

Despite the persistence of these Cash App scams on social media, there is another area of intrigue when it comes to Cash App scams, this time on services like YouTube.

Unlike the money or cash flipping scams on Twitter and Instagram, Cash App scams promoted through YouTube focus on so-called Cash App Money Generators or Cash App Hacks.

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

Searching for certain keywords relating to free money and Cash App lead to videos claiming to promote a “secret trick” or hacks to get free money on Cash App.

Digging into these videos, they all follow the same basic script:

  1. Voiceover of the video creator with the camera focused on their mobile phone.
  2. They may open their Cash App to reveal $0 in funds.
  3. They open a web browser and tell the viewer which website they need to visit in order to get the “free money.”
  4. The websites may be solely focused on Cash App or have references to other apps and services, requiring the user to “search” for the Cash App page.
  5. The video creator shows the viewer a website asking for a Cash App “ID” ($cashtag) and the amount of money they wish to receive, which can range from $10 to $999.
  6. The websites claim to be starting the process, but are ultimately interrupted because they require “human verification.”
  7. The websites redirect to a page that asks the user to install up to two mobile applications and run them for a specific time (30 seconds) or to play a series of games (e.g. Solitaire).
  8. After completing these steps, the websites claim the user will receive the requested funds.
  9. The video creators have doctored the video to show their Cash App incrementing the value of their available funds or merely increasing the money on the screen to make it appear as though the generator worked and they received the money they requested.

This approach mirrors what I’ve previously seen in scams targeting TikTok users seeking free followers and likes. The only difference is that they’re being promoted on YouTube.

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

The image above is just one example of a myriad of Cash App “free money” generator/hack websites designed to drive users to “human verification” pages, which require users to fill out surveys (on desktop) and install mobile applications (on mobile).

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

The “Are you a robot” reference leverages Google’s reCAPTCHA logo to masquerade as a true “verification” service. Because most internet users are accustomed to reCAPTCHA implementations across the web, they might very well believe this is a legitimate verification request. In reality, it’s part of a cost-per-install (CPI) program, where the website creator uses specially crafted links with an affiliate identifier (affid) associated with their own account. This way, when a user installs one of these mobile applications and runs them for 30 seconds, they’ll be paid a small sum of money (less than $1) per install. 

In the case of these YouTube videos, it is possible the video authors have created the websites themselves, so they’re earning the affiliate money from the CPI programs. However, I’ve not been able to independently verify whether or not this is the case. Typically, CPI programs pay a very small amount for a successful conversion, often less than $1. They’re less lucrative than other affiliate programs, such as those promoting adult dating websites. 

Safety Tips for Cash App Users

While legitimate giveaways from Cash App and artists and celebrities may pique your interest, it is important to proceed with caution, because Cash App scammers are like sharks in a pond.

If you’re a Cash App user or someone interested in these giveaways or Cash App generators, here are some tips to help keep you safe when using these platforms and the Cash App service.

  • Neither Cash App nor any artist or celebrity offering to give away money will ever ask you to send money as a form of verification. If you receive an incoming request in your Cash App for money to verify you’re real, ignore the request and report the user.
  • Be skeptical of posts on Twitter and Instagram promoting #CashAppFriday or other giveaways. Do the math; if it sounds too absurd ($900 for the first 900 people) then it will turn out to be a scam. Even if it is a modest sum ($20 for the first 100 people), be skeptical.
  • Flipping money isn’t real. There is no program or method to alter transactions to increase the value within Cash App or any other person-to-person payment service. If the proof offered to you is flipping $2 to $20, know that the Cash App scammer is using their own stash of funds to gain your trust to steal a higher sum of money from you.
  • If you receive a message from someone saying you’ve won a Cash App giveaway and they include a link to a website that asks you to log in to your Cash App, it is almost certainly a phishing site. Do not enter your mobile number or provide your “login code” into any website. Instead of clicking on a link in a DM or a social media post, visit the real Cash App website (https://cash.app) or check your mobile application instead.
  • There is no such thing as a Cash App generator or Cash App hack that requires you to install a mobile application to get free money. You’re being used as a pawn to help a scammer earn money off the apps you install on your mobile phone.

Additionally, it is important to review your Cash App settings to fend off scammers. This includes ensuring you’ve enabled “Security Lock,” which requires your Cash App pin in order to transfer funds. Keep your Cash App pin to yourself and never share it with any person or any website.

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

Finally, you can restrict who has the ability to send you an incoming request for money to “Contacts Only,” which will thwart the Cash App scammers impersonating Cash App and other celebrities through incoming requests, asking you to send them money for verification purposes. Even with this setting enabled, you’ll still be able to send and receive money through Cash App normally.

Cash App Scams: Giveaway Offers Ensnare Instagram Users, While YouTube Videos Promise Easy Money

As the old adage goes, if it sounds too good to be true, it probably is. In the case of Cash App giveaways, most of the time, it definitely is.

관련 기사

도움이 되는 사이버 보안 뉴스

이메일을 입력하여 Tenable 전문가에게서 적시에 알림을 받고 보안 참고 자료를 놓치지 마십시오.