Identifying Media Impersonators: Key Tips and Techniques

If you’re a tier-1 crypto media sales representative in 2025, it’s likely that someone is impersonating you.

Often, this involves counterfeit Telegram, X, or LinkedIn accounts that offer “Tier-1 PR” to unsuspecting companies, only to later request a personal USDT wallet address for payment. Cointelegraph has encountered numerous such incidents.

In October 2025, a Telegram profile named “Tobias Vilkenson | Cointelegraph” messaged BNB Chain to “set up a time to chat and feature BNB Chain in a Cointelegraph article,” while linking to an X account with the same name boasting over 6,000 followers. This is a classic impostor tactic: leveraging a newsroom’s credibility and pushing targets into private direct messages (DMs) where the scam continues.

Other Cointelegraph journalists, including Erhan Kahraman, Turner Wright, and Amin (Ruholamin) Haqshanas, have also reported impersonators using their identities and images this year.

It’s not just Cointelegraph: Impersonators are rampant in 2025

Impersonation has emerged as one of crypto’s most prevalent social-engineering tactics this year, used to steal data, deplete wallets, and confuse trusted media with outright fraud. Here are a few notable instances.

August 2025: Fake CoinMarketCap “journalists”

Several crypto projects received interview requests from email addresses like team-coinmarketcap.com, along with matching X accounts claiming to be former CoinMarketCap reporters.

During the “meetings,” impostors prompted participants to modify Zoom settings and approve remote-control requests, thereby granting scammers access to their devices. CoinMarketCap later confirmed this outreach was fraudulent and issued a public warning.

September 2025: The Empire podcast trap

Scammers replicated the branding of the popular Empire podcast and invited influencers to “record interviews” via fake StreamYard and Huddle links. These downloads secretly installed AMOS stealer malware on macOS, capturing browser cookies and crypto wallet information.

April 2025: Hong Kong deepfake officials

A hyper-realistic AI-generated video of Hong Kong Chief Executive John Lee Ka-chiu surfaced online, promoting an “official investment plan.” Authorities swiftly debunked the video and traced the scheme back to a Telegram group linked to overseas scammers. Just weeks earlier, a similar deepfake featuring the city’s financial secretary was used to promote a nonexistent “National Hong Kong Coin.”

March 2025: “Binance support” text scam

More than 100 Australians received SMS messages claiming their Binance accounts had been compromised. Victims were instructed to transfer funds to a “secure wallet” for protection, which was actually controlled by the scammers.

Summer 2025: Fake regulators on the rise

The UK’s Financial Conduct Authority (FCA) received nearly 5,000 reports in the first half of 2025 from individuals contacted by impersonators posing as FCA staff. The messages typically started with sentences like “We’ve recovered your crypto funds” and concluded with requests for personal information or wallet access.

In all these situations, the pattern is consistent: a familiar identity, a swift transition to private channels, and a request that deviates from standard procedures, whether it involves downloads, wallet transfers, or “verifications.”

This is social engineering masked in crypto branding, and it succeeds because it often appears legitimate at first glance. This highlights the crucial need for thorough verification steps—checking author pages, domains, and official contact links—now more than ever.

Did you know? In 2024, impersonation scams alone accounted for $2.95 billion in reported consumer losses in the US.

What’s behind the rise in impersonation?

Two significant developments have caused impersonation to skyrocket in 2025.

First, X revamped its trusted verification system, introducing various monetized tiers for access to premium features. The blue check no longer denotes authenticity; it merely indicates that the user subscribes to X Premium. The previous “notable and verified” badges have been removed, and while ID verification exists, it is optional and inconsistently enforced.

This has resulted in a chaotic environment where cloned accounts can easily appear as legitimate as the original ones. Some scammers even purchase Premium subscriptions to enhance the credibility of their fakes.

Second, impersonation scams are proliferating across various industries, not just in crypto. The US Federal Trade Commission (FTC) documented $12.5 billion in consumer fraud losses last year, the highest ever recorded, with cases among older adults increasing more than fourfold.

The Federal Bureau of Investigation’s Internet Crime Complaint Center report lists phishing and spoofing as the top complaint categories, making it one of the most lucrative forms of online crime, particularly in the crypto sector where interactions occur publicly and everyone can be reached via DMs.

Impersonation is not limited to random scammers; even regulators have been targeted. In January 2024, the US Securities and Exchange Commission’s official X account was hijacked in a SIM-swap attack, briefly announcing a fake Bitcoin (BTC) exchange-traded fund approval that impacted market movements before the post was corrected.

If an entire government agency can be impersonated, imagine how straightforward it is to deceive a single journalist.

The impostor playbook

Here’s how these scams typically unfold, based on firsthand accounts and platform data from this year:

• “Let’s feature you — can we move to Telegram?” The scenario often initiates with a polite DM from a recognizable name on X, followed by a request to continue the discussion on Telegram. The cloned handle appears almost identical to the real one.

• They inquire about fees or “expedited coverage” — a clear warning sign. Cointelegraph’s sponsored content is distinctly labeled and managed by a separate commercial team. No reporter ever asks for money to feature a story. If someone does, it’s likely a scam or, at best, a bogus PR pitch masquerading as editorial.

• They provide a “quick Zoom” or “verification link.” Phishing emails and DMs frequently mimic staff names or spoof company domains to create a sense of urgency — messages like “just confirm these details” or “click here to schedule.” The FTC advises: Don’t click on anything unexpected. Always verify the contact through a known channel.

• Look-alike handles and hollow profiles are prevalent. On X, scammers often rely on slight misspellings, recently created accounts, and copy-pasted posts. Many even acquire Premium for the blue check. X’s policy technically forbids “misleading and deceptive identities,” but reporting and removal typically lag behind the scams.

• They apply pressure and secrecy. You might see phrases like “Keep this confidential” or “We need this done in an hour.” Occasionally, they request a crypto wallet address “for verification” or “reward distribution.” These should serve as red flags. They are clear indicators of social-engineering attacks identified by cybersecurity agencies worldwide.

If any of these signs appear in your inbox or DMs, pause before responding. The next section outlines a one-minute verification routine that can protect you and your project from falling prey to impostors.

Did you know? Telegram launched @notoscam in response to the surge in impersonation scams—fake accounts posing as trusted figures or media brands—illuminating the need for an official, user-friendly reporting mechanism.

Verify Cointelegraph in 60 seconds

1. Start with the source: the author page. If someone claims to be a Cointelegraph writer or editor, check the website first. Every author has a profile detailing their bylines and, where applicable, verified social links, such as the one for this article’s author (Bradley Peak).

2. Examine the email domain and contact channels. Authentic Cointelegraph emails always originate from @cointelegraph.com. If you’re uncertain, utilize the addresses listed on the About/Get in Touch page to verify the outreach before responding.

3. Double-check the X handle. Look out for subtle misspellings, recent creation dates, and sparse post activity. Remember that on X, a blue check primarily indicates a paid Premium subscription—not the traditional “notable and authentic” verification. If you suspect a fake, report it through X’s impersonation form; you can even report it without an account.

4. Be cautious of the Telegram transition. Many impersonators will attempt to move you to Telegram using a nearly identical handle. If that occurs, verify in-app and report it via Telegram’s official @notoscam bot or the profile’s Report option.

5. When in doubt, channel through the official site. Avoid continuing the dialogue in DMs. Use the contact addresses listed on Cointelegraph’s website so the appropriate team can validate whether the outreach is genuine.

Five quick ways to identify a fake account

1. The handle appears almost correct—but not quite

Double letters, swapped characters, or an extra underscore can easily go unnoticed at first glance. Scammers exploit that. Always verify the exact spelling before assuming a profile is legitimate.

2. The profile history is questionable

A newly created account with minimal posts, no genuine interactions, and a plethora of recycled or copied content is a significant warning sign. Impostors often replicate images or bios from authentic profiles to appear credible, but their posting behaviors typically give them away.

3. They aim to move the conversation off the platform quickly

A swift invitation to Telegram or WhatsApp is an age-old trick. If someone insists on transitioning platforms, pause and verify their identity. Telegram even has an official @notoscam bot for reporting this specific fraud.

4. They mention money or “expedited coverage”

No Cointelegraph reporter will ever solicit crypto payments or “coverage fees.” Editorial work and sponsored partnerships are managed separately through official channels and are clearly marked as such. If someone mentions payment in a DM, it’s likely a scam.

5. The email or link seems off

Be alert for near-miss domains or messages urging immediate action. Legitimate staff will never rush communication. If anything appears urgent or out of context, verify it using the contact information provided directly on Cointelegraph’s website.

Cointelegraph’s commitment to its readers

At Cointelegraph, editorial independence is paramount. Reporters and editors do not manage sponsorships or paid placements, and all commercial content is clearly marked and kept separate from the newsroom. Readers can readily distinguish between editorial coverage and sponsored content.

Verification is straightforward: Every team member has an author page on cointelegraph.com featuring their bylines and, where relevant, verified social links. If you receive outreach purporting to be from one of our writers, check that page first or contact through the addresses listed in the About section of the website.

Cointelegraph is also in the process of updating author bios to include official LinkedIn and X handles, enabling readers and partners to confirm identities swiftly.

In an industry crowded with impostors, these simple verification steps contribute to maintaining transparent, credible, and safe communication for all.