I got scammed on Twitter: here's how

I just survived a scam. The damage was small, but the whole thing was wild. I need to share it, so you know what to look out for.

For the context, I’m pretty tech-savvy. I’ve been around social media for years and can spot most scams from a mile away. But this one still got me.

It started with a DM on Twitter. A person named “TorresCampbell8” claimed to be a reporter from TechCrunch, covering AI and tech. He wanted my perspective and asked to schedule a call. That didn’t sound odd. I’ve done similar interviews before, so I checked his profile. It looked legit—he’d been posting or reposting TechCrunch-like articles since last year, and his Twitter account said it was created in 2012. The only tiny red flag was the handle “TorresCampbell8,” but I shrugged it off.

He sent me a Calendly link to book a call via Twitter DM. I clicked. It seemed normal. I got a confirmation email with no Zoom or meeting link, but I figured he’d message one later. Then I went to sleep.

Next morning, I woke up and saw strange comments on one of my Twitter posts—people calling me a scammer. At first, I thought it was just trolls. Then a friend messaged me on WeChat with a screenshot of a tweet from my account pushing a crypto “opportunity.” It even had a contract address. My profile had been changed to say I was the founder of some crypto project. But by the time I checked Twitter, the tweet was gone. Posted overnight while I was asleep, then deleted before I woke up.

I tried to reach out to “Torres,” but he was gone. Blocked me. Ignored my messages. So I dug into Twitter’s settings. I checked “Security and account access” and saw Calendly had permission to read and write tweets. That was it: while I slept, someone likely used that authorization to post a scam tweet.

Looks like they targeted my account because it has a decent following. Scammers posted a “meme coin” link, hoping quick-buck crypto enthusiasts would jump in. And they did. Then the scammer deleted the tweet, so I wouldn’t notice. According to a friend who tracked the contract address, around 100 people fell for it, losing a few thousand dollars in total. Awful.

Everyone got hurt here. I’m a victim. The people who bought that fake coin are victims. Even the media outlet’s reputation got dragged into this. All because these scammers keep evolving.

Then I did a quick search and found a post from a real TechCrunch reporter - Mary(@bayareawriter) talking about this exact scam. That’s where I spotted the same username: TorresCampbell8. Damn.

Here’s what I learned:
• Keep two-step authentication turned on, always.
• Update your passwords often.
• Be careful about app authorizations. Revoke anything you don’t absolutely need.

I’m going through all my accounts, extensions, apps - tightening everything. Stay cautious. If it happened to me, it can happen to anyone.

That’s my story. Stay safe. And always trust your instincts if something feels off.

睡梦中的推特骗局：我被冒牌记者套路了

我刚刚才从一次诈骗中脱身。损失不大，但整个过程太离奇了。我必须分享这个经历，让大家有个防范。

我平时很熟悉网络，用社交媒体也很多年了，自以为能认出各种骗局。但这次还是中招了。

事情是从一个推特私信开始的。一个叫 “TorresCampbell8” 的人，自称是 TechCrunch 的记者，说他在做跟 AI 和科技相关的报道，想找我聊聊。听上去没什么问题。我以前也有接受过类似的采访请求，于是去他资料页看了看。他似乎从去年开始发或转一些看似像 TechCrunch 的文章，账号显示是 2012 年创建的。唯一让我稍微迟疑的是那个 “8” 的尾缀，但我没多想。

他发来一个 Calendly 链接让我约时间。我点开链接，流程看起来很正常，还收到了预定成功的确认邮件。只不过上面没有 Zoom 或其它会议连结，我想也许他会稍后再发。然后我就去睡觉了。

第二天早上醒来，发现我推特底下出现奇怪评论，有人骂我是骗子。一开始我以为又是网络喷子。接着我朋友在微信上发截图给我，说我的账号昨晚发了一条推文，推荐一个所谓的加密项目，还附带了合约地址。我头像和简介都被改了，看起来就像我是什么“创始人”。可等我上推特一看，那条推文已经被删掉。它是在我睡觉时发的，而我还没醒时就被删掉了。

我尝试联系那位 “Torres”，但他已把我拉黑，完全没有回应。于是我进推特的安全设置里翻记录，发现 Calendly 获得了读写我推文的权限。大概就是通过这层授权，对方在我睡着时发了诈骗信息。

估计他们是看中我账号粉丝还算多，就用我的账号发一个“meme coin”的链接，让想快速赚钱的人去买。等交易结束就删文，这样我自己都不会注意到。后来推友追查了那个合约地址，发现大概有上百人上当，损失了好几千美金。真是可怕。

其实大家都是受害者。我本人受到了连累，那些购买假币的人也被骗了，甚至媒体的声誉也被拖下水。这些骗子手段不断进化，叫人防不胜防。

后来我又去搜资料，发现一位真正 TechCrunch 记者 Mary 提过这个骗局。我在她的那篇报道里，又看到了 “TorresCampbell8” 这个熟悉的账号。真是气人。

我从这次经历学到：
• 一定要开两步验证。
• 定期更改密码。
• 对各种应用授权要多留神，能少给就少给。

现在我打算全面排查自己的所有账号、浏览器扩展、授权应用。虽然麻烦，但值当。大家一定要提高警惕。我中招了，你也可能会。

以上就是我的故事。希望你能平安无事，也别忘了凡事多留个心眼。