If you are a sales representative for a top-tier crypto media outlet in 2025, it is likely that someone is impersonating you.

These are usually fake Telegram, X, or LinkedIn accounts that sell "top-tier PR" services to unsuspecting businesses, only providing a personal USDT wallet address when it comes time for payment. Cointelegraph has discovered numerous similar cases.

In October 2025, a Telegram account named "Tobias Vilkenson | Cointelegraph" contacted BNB Chain, claiming to "arrange a time to communicate and report on BNB Chain in a Cointelegraph article," and also linked to an X account of the same name, which had over 6,000 followers. This is a typical impersonation scheme: leveraging media credibility, promising coverage, and directing targets to private direct messages (DMs) to continue the scam.

Other Cointelegraph journalists, including Erhan Kahraman, Turner Wright, and Amin (Ruholamin) Haqshanas, have also reported this year that someone has been using their names and photos to commit fraud.

Impersonation has become one of the most common social engineering attack methods in the crypto industry this year, used to steal data, hijack wallets, and blur the lines between credible media and outright fraud. Here are some cases:

Multiple crypto projects received interview requests from an email address at team-coinmarketcap.com and the corresponding X account, impersonating a former CoinMarketCap journalist.

Once the "meeting" began, the impersonator would ask participants to adjust their Zoom settings and agree to a remote control request, instantly gaining access to their devices. CoinMarketCap later confirmed that the outreach was fraudulent and issued a public warning.

Scammers cloned the Empire podcast brand, inviting influencers to "record interviews" through a fake live streaming platform, StreamYard, and Huddle links. After downloading the files, the macOS system would quietly install AMOS Stealer malware to steal browser cookies and cryptocurrency wallet data.

A realistic AI-generated video featuring Hong Kong Chief Executive John Lee promoted an "official investment plan" that spread online. Relevant authorities quickly debunked it and traced it back to Telegram groups associated with overseas scammers. A few weeks ago, a similar fake video featuring the Hong Kong Financial Secretary claimed to promote a false "Hong Kong National Currency."

Over 100 Australians received text messages claiming their Binance accounts had been compromised. Victims were asked to transfer funds to a "safe wallet," which actually belonged to the attackers.

The UK's Financial Conduct Authority (FCA) received nearly 5,000 reports in the first half of 2025, stating that individuals were impersonating FCA employees. The script typically began with "We can help you recover your crypto assets," ultimately requesting personal information or wallet access.

The above cases all follow a similar pattern: first gaining trust through a familiar identity, quickly moving to private channels, and making unusual requests such as downloading files, wallet transfers, or "verification."

This is a social engineering attack method disguised as a crypto brand, and its effectiveness lies in its initial credibility. Therefore, clear verification steps—such as checking author pages, domain names, and official contact information—are more important than ever.

Did you know? In 2024, impersonation scams alone led to reported losses of $2.95 billion for U.S. consumers.

Two major changes in 2025 have led to a surge in impersonation incidents.

First, the X platform completely overhauled its verification system, introducing multiple paid tiers for premium benefits. The blue verification badge no longer signifies authenticity; it merely indicates that the user is a paying X Premium subscriber. The previous "Notable and Verified" badge has been removed, and while there is a verification feature, it is not mandatory and enforcement is inconsistent.

The result is a chaotic environment where cloned accounts appear as credible as real ones. Some scammers even purchase Premium to make fake accounts more convincing.

Second, impersonation scams are surging across various industries, not just in crypto. The U.S. Federal Trade Commission (FTC) recorded consumer fraud losses of $12.5 billion last year, a historic high. Among these, the number of impersonation cases affecting the elderly increased more than fourfold.

The FBI's Internet Crime Complaint Center lists phishing and impersonation as one of the main complaint categories. This has become one of the most profitable forms of cybercrime, and the crypto industry, with its transparency and open communication via DMs, remains a primary target.

Not only random scammers but even regulatory agencies have been impersonated. In January 2024, the official X account of the U.S. Securities and Exchange Commission (SEC) was hijacked in a SIM card takeover attack, briefly posting false news about the approval of a Bitcoin (BTC) spot ETF, causing market fluctuations before the post was corrected.

If an entire government agency can be cloned or breached, impersonating a journalist is even easier.

Here’s how these scams typically unfold based on firsthand reports and platform data from this year:

"Let us introduce you—can we move to Telegram?" This often starts with a polite DM from a familiar name on X, then requests to continue the conversation on Telegram. The cloned handle looks almost identical to the real one.

They request fees or "expedited coverage"—a classic red flag. Cointelegraph's sponsored content is clearly labeled and managed by a separate commercial team. No journalist will ask you to pay to be covered. If someone does, they are a scammer or, at best, a fake PR pitch impersonating an editor.

They send "quick Zoom" or "verification links." Phishing emails and DMs often replicate employee names or forge company domains to create a sense of urgency—such as "just confirm these details" or "click here to schedule." The FTC's advice is simple: do not click on anything you did not expect. Always verify contact through known channels.

Similar handles and blank profiles are common. On X, scammers rely on slight misspellings, recent account creation dates, and copied-and-pasted posts. Many even purchase Premium to obtain a blue checkmark. X's policy technically prohibits "misleading and deceptive identities," but reporting and removal often lag behind the scams.

They use pressure and confidentiality. You will see phrases like "confidential" or "we need to complete this within an hour." Sometimes they ask for a crypto wallet address "for verification" or "reward distribution." These are clear stop signals. They are obvious signs of social engineering attacks marked by global cybersecurity agencies.

If these appear in your inbox or DMs, stop before replying. The next section will guide you through a one-minute verification process that can help you and your project avoid falling into the impersonator's trap.

Did you know? After a surge in impersonation scams—fake accounts posing as trusted individuals or media brands—Telegram launched @notoscam to provide users with an official, simple way to report them.

Start from the source: the author page. If someone claims to be a Cointelegraph author or editor, check the "Authors" and "Management Team" tabs for verification. Each author has a profile listing their authored articles and, if applicable, verified social links, such as the information for this article's author (Bradley Peak). Editors are listed under the "Management Team" tab.

Check the email domain and contact channels. Genuine Cointelegraph emails always come from @cointelegraph.com. If in doubt, verify the authenticity of the message using the email addresses listed on the "About/Contact Us" page.

Rationally check the X handle. Look for slight misspellings, recent creation dates, and sparse posting history. Remember, on X, the blue checkmark primarily indicates a paid Premium subscription—not traditional "notable and real" verification. If you suspect impersonation, report it through X's impersonation form; you can submit as a bystander even without an account.

Be cautious of Telegram transfers. Many impersonators will try to move you to Telegram using nearly identical handles. If this happens, verify within the app and report it through Telegram's official @notoscam bot or the reporting option on profiles.

If in doubt, contact through the official website. Do not continue in DMs. Use the contact addresses listed directly on the Cointelegraph website to ensure the correct team confirms the authenticity of the contact.

Double letters, character swaps, or extra underscores can easily be overlooked at a glance. Scammers rely on this. Always check the exact spelling before assuming a profile is real.

A newly created account with only a few posts, no real replies, and much recycled or copied content is a red flag. Impersonators often clone images or copy bios from legitimate profiles to appear mature, but their posting patterns usually expose them.

Quick invitations to Telegram or WhatsApp are one of the oldest tricks. If someone insists on switching platforms, stop and verify who you are talking to. Telegram even operates an official @notoscam bot to report this exact type of fraud.

No Cointelegraph journalist will ask for crypto payments or "reporting fees." Editorial work and sponsored collaborations are handled separately through official channels and are clearly labeled. If someone mentions payment in a DM, it is a scam.

Be wary of similar domain names or messages urging you to click immediately. Legitimate employees never rush communication. If something feels urgent or inappropriate, verify using the contact information directly listed on the Cointelegraph website.

Cointelegraph places a high value on editorial independence. Journalists and editors are not responsible for the placement of sponsored or paid content, and all commercial content is clearly labeled and completely separate from the news editorial team. Readers can always distinguish between editorial reporting and sponsored content.

Verification is simple: every team member has an author page on cointelegraph.com, listing their authored articles and, if applicable, verified social links. If you receive outreach claiming to be from an author, prioritize checking that page or verifying their identity through the contact information listed in the "About" section on the official website.

Cointelegraph is also updating author profiles to include official LinkedIn and X accounts, making it easier for readers and partners to verify identities instantly.

In an industry environment flooded with impersonators, these simple verification steps help ensure communication is transparent, credible, and secure.

Related: Bitcoin (BTC) whales quietly embrace BlackRock ETF after SEC rule changes

Original article: “Fake Social Media Accounts: The Rise of Cointelegraph Impersonators Explained”

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。