Twitch Channel Clones Used in Phishing Scams to Steal Card Data

By Ava McKinneyOnline Safety

Scammers Create Twitch Channel Clones to Steal Card Information

Online scammers have developed a new scheme targeting users of the Twitch streaming platform. By copying streams from popular gamers, criminals add banners promising easy money, which lead potential victims to phishing websites. Experts from Group-IB have provided detailed information about this new scam.

How the Scam Works

With the onset of COVID-19 restrictions, the popularity of streaming platforms like Twitch surged. Cybercriminals quickly noticed this trend and began exploiting it. During the lockdown period, Twitch broke records: 206 million hours of video content were uploaded, the average number of concurrent viewers reached 1.5 million, and streamersโ€™ earnings jumped to $2,000โ€“$10,000 per month.

Cybercriminals also joined in, and specialists from CERT-GIB uncovered one of their schemes. According to analysts, scammers search for channels of popular Twitch streamers and then create clone accounts that are nearly identical to the originals.

Phishing Through Fake Streams

The scammers then broadcast recordings of original streams from a week earlier, embedding their own banner that offers viewers an opportunity to earn easy money. Typically, this graphic promotes a fake prize giveaway.

Group-IB experts noted that the scammers post a special !inst command in the chat, which directs users who click the banner to a fraudulent website (such as https://winstainq[.]dub/draw).

How Victims Are Tricked

On the phishing site, victims are promised a payout of up to $5,000, but to receive it, they are asked to pay a โ€œsmall commission.โ€ If the user is gullible enough, they enter their bank card details (number, cardholder name, expiration date, CVV code) on the phishing site, which are then stolen by the cybercriminals.

To attract viewers to the fake channel, scammers use view-boosting services to push their clone to the top of search results. To make the scam more convincing, they post fake reviews from supposed winners and even use comments from the real stream.

Stay Safe Online

  • Always verify the authenticity of Twitch channels before participating in any giveaways or promotions.
  • Never enter your bank card details on suspicious websites.
  • Be cautious of offers that seem too good to be true, especially those promising easy money.
  • Report suspicious channels and phishing attempts to Twitch and relevant authorities.

Leave a Reply