News

Did MultiChoice just advertise an NFT scam on Twitter?

Brendyn Lotz

17th August 2023

A post that appears to have been an advert for an NFT scam seems to have been posted to the MultiChoice and DStv Twitter accounts.
The adverts direct users to a website which seems to steal crypto wallet details in a phishing scheme.
MultiChoice has yet to respond to our questions about what happened. For now avoid clicking links from ads purporting to be from the brand and its affiliates.

As with most mornings, we spotted something odd on Twitter. Yes, we know Twitter is odd in and of itself but this was, odder.

Technology entrepreneur Andy Hadfield quote tweeted a post that appeared to come from the verified account of the MultiChoice Group.

We’ve included a screenshot with what was later discovered to be a potentially dangerous URL blocked out.

The post in question – which has since been deleted – directs folks to a website for the BoldApe non-fungible token (NFT) except the URL in that post isn’t the correct address. Clicking that link will take you to a website where you can’t click any element of the page and after a few seconds a pop appears asking you to “connect your wallet”. To be clear BoldApe is a legitimate NFT project and it appears as if its name is simply being leveraged to lure victims in.

Seemingly tempted by the prospect of getting in early on this NFT, Hadfield connected his wallet and…

“Have at my $0.03 of shitcoins scammers. But it was very easy to fall for it. Stay safe out there Web3 Warriors,” wrote Hadfield.

It appears then as if the URL shared in the post was a phishing scam and a convincing one at that, even if there are red flags.

For one, the official BoldApe website uses an entirely different gTLD as featured on the official Twitter account. The second was the bizarre behaviour of the website not allowing users to click anything at all or right-click.

*The scam site on the left and the legitimate site on the right.*

The same thing seemingly happened on the DStv Twitter account which pointed to another URL that featured the same gTLD as the BoldApe post did.

However, putting the scam aside for a second, how did this appear on MultiChoice’s account?

We contacted the company to find out and at first there was some confusion. This is because the tweet didn’t appear on MultiChoice’s Twitter profile. The reason for this is likely down to the fact that the post was published as an advert.

Twitter or X Ads requires companies to use a separate ad.twitter.com website. Posts published in this manner don’t appear on the main profile and will instead be served via this advertising profile.

Hypertext is in contact with MultiChoice regarding this matter and it has yet to confirm how these posts appeared on its official social media accounts.

Given that the post has been deleted and the tone of the response we’ve received in communication with the firm, these posts more than likely weren’t published by MultiChoice and may have potentially been posted by a bad actor with access to the firm’s accounts. Without confirmation from the company however, this is purely our analysis based on the available information.

We will update this story once we have more information from MultiChoice. For now, we recommend our readers avoid clicking any links from advertising published by MultiChoice and its affiliate brands on Twitter/X until we can verify all is clear.

About Author

Brendyn Lotz

Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.