Several social media accounts and fake websites are currently engaged in a deceptive scheme to sell the popular hacking tool Flipper Zero, targeting cybersecurity professionals in an attempt to trick them into making cryptocurrency transactions. This new form of angler phishing, a type of social media phishing where scammers impersonate legitimate corporate accounts to engage with potential victims, was recently brought to light by security researcher Dominic Alvieri on December 2, 2022.
Alvieri took to Twitter to alert the public about three Twitter accounts and two websites that are posing as the official sellers of Flipper Zero. These fraudulent accounts aim to entice unsuspecting buyers into sending cryptocurrency payments with the promise of receiving the coveted Flipper Zero device in return. However, these scammers have no intention of delivering the product, making this a classic case of online fraud.
Upon closer inspection, Alvieri discovered that one of the fake Twitter accounts closely resembled the official Flipper Zero account. The only discernible difference was the use of a capital “I” instead of a lowercase “l” in the handle after the “F.” This subtle alteration was enough to deceive some users into believing they were interacting with the legitimate seller.
The culprits behind this scam employ various tactics to facilitate their illicit activities, such as linking the checkout page of their fake online shop to Bitcoin and Ethereum wallets. Additionally, they use plisio.net invoices to accept cryptocurrency payments, making it difficult for victims to trace their transactions or recover their funds.
Flipper Zero, a compact cybersecurity tool that resembles a children’s toy, offers a wide array of features for hackers, penetration testers, and cybersecurity enthusiasts. These features include RFID emulation, digital access key cloning, radio communications, NFC, infrared, Bluetooth, and more. Launched through a successful Kickstarter campaign in 2020, Flipper Zero garnered an impressive $4,882,784 in pledges, far surpassing the initial funding goal of $60,000.
Despite its popularity, Flipper Zero has faced challenges due to production issues, leading to supply shortages that have been unable to meet the growing demand for the product. In September 2022, revenue holdbacks by digital payments platform PayPal further jeopardized the project by withholding $1.3 million earmarked for ordering new production batches, as reported by BleepingComputer.
The current scarcity of Flipper Zero devices has created an opportunity for malicious actors to exploit the gap between high demand and limited supply. As a result, cybersecurity professionals must exercise caution when purchasing such sought-after items to avoid falling victim to fraudulent schemes.
As of now, one online shop and two fake Twitter accounts associated with this scam are still operational, highlighting the persistence of these deceptive practices. It is crucial for individuals to remain vigilant and verify the legitimacy of sellers before making any online transactions, especially when dealing with high-demand products like Flipper Zero.