How cybercriminals are exploiting digital twins to scam crypto users

How cybercriminals weaponize digital twins to scam crypto users

In the crypto world, where anonymity and trustless transactions reign supreme, digital twins have emerged as a potent tool for cybercriminals to exploit. Scammers can take advantage of the decentralized, unregulated nature of crypto platforms to perpetrate these frauds. 

Here’s a deeper look at how scammers weaponize digital twins:

• Identity cloning: Cybercriminals gather personal data from social media, data breaches and other online sources to create a highly accurate digital twin of a real person. This might include images, voice recordings, writing style and even behavioral patterns. Once the digital twin is created, it can be used to impersonate individuals and gain trust from others in the crypto community.
• Fake influencers or advisers: Crypto influencers, who often command significant trust and attention, are prime targets for digital twin scams. By replicating their speech patterns, mannerisms and even generating deepfake videos, scammers can pose as trusted personalities in the space. These fake versions may promote fraudulent investment schemes, fake tokens or manipulate users into sending crypto to scam wallets.
• Synthetic KYC (Know Your Customer) scams: Some digital twins are created to bypass KYC processes on exchanges or decentralized finance (DeFi) platforms. Attackers can generate fake identities and provide forged documents or images to appear legitimate, gaining access to accounts or executing unauthorized transactions. This can enable criminals to launder stolen funds or impersonate legitimate traders.
• Phishing with personalization: Phishing scams in the crypto space often target individuals with highly personalized messages. When a scammer creates a digital twin of a known figure, they can tailor their communications to appear more convincing. By using these personalized messages, they trick victims into clicking on malicious links, giving away private keys or downloading harmful software.

Did you know? In 2023, a Hong Kong finance employee was tricked into transferring $25 million after joining a video call with what turned out to be deepfake versions of their colleagues, generated using publicly available footage.

Examples of digital twin-related scams in crypto

While digital twin scams in crypto might sound futuristic, they’re already happening, and AI is a big part of the problem. These scams don’t always rely on evil digital twins alone; many use deepfake videos, AI-generated profiles and hallucinated interfaces to deceive users. 

Here are some real-world examples:

• Deepfake CEO scam defrauds chief financial officer via video call: In a sophisticated attack, scammers created digital avatars of a company’s CEO and executives using publicly available video materials. They conducted a video call with the company’s chief financial officer, convincing him to transfer funds under false pretenses. The digital twins were so convincing that the executive did not suspect foul play during the call.
• UI spoofing mimics trusted crypto platforms: Cybercriminals have employed UI spoofing to create near-perfect replicas of legitimate cryptocurrency platforms. These counterfeit interfaces trick users into entering sensitive information or making transactions, believing they are interacting with the real platform. The high fidelity of these digital twins makes them particularly dangerous, as they can bypass traditional security measures.
• AdmiralsFX scam uses deepfakes to lure investors: A large-scale scam operated by a call center in Tbilisi, Georgia, used deepfake videos of celebrities to promote a fraudulent cryptocurrency investment platform called AdmiralsFX. Victims were shown AI-generated videos of public figures endorsing the platform, leading them to invest substantial amounts of money. The operation defrauded over 6,000 individuals, highlighting the potent combination of deepfake technology and social engineering.

How to spot interactions with evil digital twins: 6 Red flags

Digital twin scams rely on sophisticated impersonation techniques, and scammers often use synthetic identities to build trust and manipulate their targets. 

To help you stay alert, here are six red flags that can help you identify interactions with synthetic identities. Watch for these warning signs to protect yourself from falling victim to fraud.

Digital twin scams in crypto often hide behind polished, AI-generated responses that sound perfect but lack authenticity. If someone avoids live video calls and instead offers pre-recorded clips or deepfakes, be skeptical. Real people show up. 

Scammers frequently use urgency, pushing you to act fast with phrases like “limited offer” to bypass your judgment. One major red flag is receiving unverified crypto requests via DMs — legit professionals don’t do that. Always check profiles for inconsistencies like low follower counts or recent creation dates. 

Finally, be wary if someone insists on sticking to one platform and refuses to switch to secure or verified channels. These tactics combined often signal a coordinated scam using digital twin or AI deception.

Did you know? Unlike traditional simulations, digital twins are dynamic virtual environments powered by real-time data. While a simulation models one process, a digital twin can run multiple simulations at once, constantly learning and adapting through a live feedback loop.

Can blockchain help prevent digital twin-powered crypto scams?

While blockchain technology is often targeted by cybercriminals due to its decentralized and pseudonymous nature, it also holds the potential to offer powerful solutions for combating digital twin-based scams.

Blockchain, with its transparent and immutable features, provides unique tools that can help verify identities and secure transactions, making it harder for scammers to manipulate the system. Leveraging blockchain’s capabilities introduces robust security layers that verify the legitimacy of interactions, helping reduce fraud, identity theft and digital impersonation.

• Onchain identity verification: One of the most important developments in blockchain technology is the concept of decentralized identity (DID). With DID, individuals can verify their identity on the blockchain without relying on centralized authorities. This ensures that scammers cannot create synthetic identities without being detected. Blockchain provides a transparent, secure and verifiable system for managing identities, reducing the risk of impersonation.
• NFT identity markers: Some platforms use non-fungible tokens (NFT) as a form of digital identity. NFTs are unique and traceable on the blockchain, which makes it much harder to clone someone’s identity. If you’re engaging with a person who has a verified NFT identity, you can be more confident that they are who they claim to be.
• Immutable audit trails: Every transaction on the blockchain is permanently recorded and timestamped. This means that if someone tries to impersonate another person or create a fraudulent identity, their actions leave a trace. If a synthetic identity is used to scam individuals, the blockchain’s audit trail can help authorities track the perpetrator.
• Smart contract protections: Smart contracts on blockchain can be used to implement certain safeguards. For instance, smart contracts can include identity verification processes, ensuring that transactions aren’t processed unless the user’s identity is verified. This can help prevent users from sending crypto to scammers using fake identities.

While not a silver bullet, blockchain can significantly strengthen trust and security in increasingly AI-powered digital environments.