Tuesday, October 21, 2025
Home > Exchanges > How to Spot Media Impersonators

How to Spot Media Impersonators

bossExchanges, News

If you’re a tier-1 crypto media sales representative in 2025, chances are you have an impersonator.

These are often fake Telegram, X or LinkedIn accounts offering “Tier-1 PR” to unsuspecting businesses, only to share a personal USDT wallet address when it’s time to pay. Cointelegraph has seen plenty of such cases.

In October 2025 alone, a Telegram profile styled as “Tobias Vilkenson | Cointelegraph” messaged BNB Chain to “set up a time to chat and feature BNB Chain in a Cointelegraph article,” linking to an X account under the same name with more than 6,000 followers. It’s a textbook impostor play: borrowing a newsroom’s credibility, promising coverage and moving targets into private direct messages (DMs) where the scam continues.

The real Tobias is understandably frustrated — as are Erhan Kahraman, Turner Wright, Amin (Ruholamin) Haqshanas and others on the editorial team who’ve reported scammers using their names and photos this year.

It’s not just Cointelegraph: Impersonators are everywhere in 2025

Impersonation has become one of crypto’s most common social-engineering tactics this year: used to steal data, drain wallets and blur the line between trusted media and outright fraud. Here are a few examples.

August 2025: Fake CoinMarketCap “journalists” 

Several crypto projects received interview requests from email addresses such as team-coinmarketcap.com and matching X accounts posing as former CoinMarketCap reporters.

Once the “meeting” began, the impostors asked participants to adjust Zoom settings and approve a remote-control request, instantly granting the scammers access to their devices. CoinMarketCap later confirmed the outreach was fake and issued a public warning.

September 2025: The Empire podcast trap

Scammers cloned the branding of the popular Empire podcast and invited influencers to “record interviews” through fake StreamYard and Huddle links. The downloads silently installed AMOS stealer malware on macOS, siphoning browser cookies and crypto wallet data.

April 2025: Hong Kong deepfake officials

A realistic AI-generated video of Hong Kong Chief Executive John Lee Ka-chiu circulated online, promoting an “official investment plan.” Authorities quickly debunked it and traced the scheme to a Telegram group tied to overseas scammers. Just weeks earlier, a similar deepfake featuring the city’s financial secretary promoted a fake “National Hong Kong Coin.”

March 2025: “Binance support” text scam

Over 100 Australians received SMS messages claiming their Binance accounts had been compromised. Victims were told to move funds to a “secure wallet” for protection, which, of course, belonged to the attackers.

Summer 2025: Fake regulators on the rise

The UK’s Financial Conduct Authority (FCA) received nearly 5,000 reports in the first half of 2025 from individuals contacted by impostors posing as FCA staff. The scripts often began with lines like “We’ve recovered your crypto funds” and ended with requests for personal information or wallet access.

Across all these cases, the pattern is the same: a familiar identity, a quick pivot to private channels and a request that breaks normal process, whether it’s a download, a wallet transfer or a “verification.”

It’s social engineering dressed in crypto branding, and it works because it looks legitimate at first glance. That’s exactly why clear verification steps — checking author pages, domains and official contact links — matter more than ever.

Did you know? In 2024, impersonation (or “impostor”) scams alone were responsible for $2.95 billion in reported consumer losses in the US.

Why is impersonation rising now?

Two big shifts made impersonation explode in 2025.

First, X has overhauled its trusted verification system, replacing it with various monetized tiers for access to premium perks. The blue check no longer signals authenticity: It simply indicates that the user pays for X Premium. The old “notable and verified” badges are gone, and while ID verification exists, it’s optional and inconsistently enforced.

The result is a messy landscape where cloned accounts can appear just as legitimate as the real ones. Some scammers even purchase Premium to make their fakes seem more credible.

Second, impersonation scams are booming across industries, not just in crypto. The US Federal Trade Commission (FTC) recorded $12.5 billion in consumer fraud losses last year, the highest on record, with impersonation cases among older adults rising more than fourfold.

The Federal Bureau of Investigation’s Internet Crime Complaint Center report lists phishing and spoofing among the top complaint categories. It has become one of the most profitable forms of online crime, and the crypto sector, where everything happens in public and everyone is reachable through DMs, remains a prime target.

It’s not just random scammers; even regulators have been impersonated. In January 2024, the US Securities and Exchange Commission’s official X account was hijacked in a SIM-swap attack and briefly announced a fake Bitcoin (BTC) exchange-traded fund approval, moving markets before the post was corrected.

If an entire government agency can be cloned or compromised, imagine how easy it is to fake a single journalist.

The impostor playbook

Here’s how these scams typically unfold, based on firsthand reports and platform data from this year:

  • “Let’s feature you — can we move to Telegram?” It often starts with a polite DM from a familiar name on X, followed by a request to continue the conversation on Telegram. The cloned handle there looks almost identical to the real one.

  • They ask for fees or “expedited coverage” — a classic tell. Cointelegraph’s sponsored content is clearly labeled and managed by a separate commercial team. No reporter will ever ask you for money to be featured. If someone does, it’s a scammer or, at best, a fake PR pitch posing as editorial.

  • They send a “quick Zoom” or “verification link.” Phishing emails and DMs often copy staff names or spoof company domains to create urgency — messages like “just confirm these details” or “click here to schedule.” The FTC’s advice is simple: Don’t click anything you didn’t expect. Always verify the contact through a known channel.

  • Look-alike handles and empty profiles are common. On X, scammers rely on slight misspellings, recent account creation dates and copy-pasted posts. Many even purchase Premium for the blue check. X’s policy technically prohibits “misleading and deceptive identities,” but reporting and removal often lag behind the scams.

  • They use pressure and secrecy. You’ll see lines like “Keep this confidential” or “We need this done in an hour.” Sometimes they ask for a crypto wallet address “for verification” or “reward distribution.” Those are hard stop signs. They’re clear hallmarks of social-engineering attacks flagged by cybersecurity agencies worldwide.

If any of this shows up in your inbox or DMs, stop before responding. The next section walks you through a one-minute verification routine that can save you and your project from falling into an impostor’s trap.

Did you know? Telegram launched @notoscam after impersonation scams — fake accounts posing as trusted figures or media brands — surged to the point that users needed an official, easy way to report them.

Verify Cointelegraph in 60 seconds

  1. Start at the source: the author page. If someone claims to be a Cointelegraph writer or editor, check the website first. Every author has a profile listing their bylines and, where applicable, verified social links, such as the one for this article’s author (Bradley Peak).

  2. Check the email domain and contact channels. Real Cointelegraph emails always come from @cointelegraph.com. If you’re unsure, use the addresses listed on the About/Get in Touch page to verify the outreach before replying.

  3. Sanity-check the X handle. Watch for subtle misspellings, recent creation dates and thin post history. Remember that on X, a blue check mainly indicates a paid Premium subscription — not the legacy “notable and authentic” verification. If you spot a suspected fake, report it through X’s impersonation form; you can even file it as a bystander without an account.

  4. Watch for the Telegram pivot. Many impostors will try to move you to Telegram using a near-identical handle. If that happens, verify in-app and report it through Telegram’s official @notoscam bot or the profile’s Report option.

  5. When in doubt, route through the official site. Don’t continue in DMs. Use the contact addresses listed on Cointelegraph’s website so the right team can confirm whether the outreach is real.

Spam, Social Media, Scams, How to, Social Engineering

Five quick ways to spot a fake account

1. The handle looks almost right — but not quite

Double letters, swapped characters or an extra underscore are easy to miss at a glance. Scammers rely on that. Always check the exact spelling before assuming a profile is real.

2. The profile history doesn’t make sense

A newly created account with only a handful of posts, no real replies and lots of recycled or copied content is a red flag. Impostors often clone images or bios from legitimate profiles to appear established, but their posting patterns usually give them away.

3. They try to move the chat off-platform quickly

A quick invitation to Telegram or WhatsApp is one of the oldest tricks in the book. If someone insists on switching platforms, stop and verify who you’re talking to. Telegram even operates an official @notoscam bot for reporting this exact type of fraud.

4. They mention money or “expedited coverage”

No Cointelegraph reporter will ever ask for crypto payments or “coverage fees.” Editorial work and sponsored partnerships are handled separately through official channels and are clearly labeled as such. If someone mentions payment in a DM, it’s a scam.

5. The email or link feels off

Watch for near-miss domains or messages urging you to click immediately. Legitimate staff never rush communication. If something feels urgent or out of place, verify it using the contact information listed directly on Cointelegraph’s website.

Cointelegraph’s commitment to readers

At Cointelegraph, editorial independence is non-negotiable. Reporters and editors do not handle sponsorships or paid placements, and all commercial content is clearly labeled and kept separate from the newsroom. Readers can always tell the difference between editorial coverage and sponsored material.

Verification is simple: Every team member has an author page on cointelegraph.com with bylines and, where relevant, verified social links. If you receive outreach claiming to be from one of the writers, check that page first or make contact through the addresses listed in the About section of the website.

Cointelegraph is also updating its author bios to include official LinkedIn and X handles, allowing readers and partners to confirm identities instantly.

In an industry crowded with impostors, these small verification steps help keep communication transparent, credible and safe for everyone.

Source

Related Articles

Bybit’s Phantom Hacker Becomes Ethereum’s Shadow Whale by Fragmenting Fortune Across 54 Wallets

Bitcoin hitting $220K ‘reasonable’ in 2025, says gold-based forecast

Japan Drives Cardano (ADA) Trading Surge as Price Battles $0.70 Resistance