Cybersecurity analyst Serpent has revealed his picks for the most dastardly crypto and nonfungible token (NFT) scams currently active on Twitter.

The analyst, who has 253,400 followers on Twitter, is the founder of artificial intelligence and community-powered crypto threat mitigation system, Sentinel.

In a 19-part thread posted on Aug. 21, Serpent outlined how scammers target inexperienced crypto users through the use of copycat websites, URLs, accounts, hacked verified accounts, fake projects, fake airdrops and plenty of malware.

One of the more worrisome strategies comes amid a recent spate of crypto phishing scams and protocol hacks. Serpent explains that the Crypto Recovery Scam is used by bad actors to trick those who have recently lost funds to a widespread hack, stating:

“Simply put, they attempt to target people who have already been scammed, and claim they can recover the funds.”

According to Serpent, these scammers claim to be blockchain developers and seek out users that have fallen victim to a recent large-scale hack or exploit, asking them for a fee to deploy a smart contract that can recover their stolen funds. Instead, they “take the fee and run.”

This was seen in action after the multimillion-dollar exploit affecting Solana wallets earlier this month, with Heidi Chakos, the host of the YouTube channel Crypto Tips, warning the community to watch out for scammers offering a solution to the hack.

Another strategy also leverages recent exploits. According to the analyst, the Fake Revoke.Cash Scam, tricks users into visiting a phishing website by warning them that their crypto assets may be at risk, using a “state of urgency” to get users to click the malicious link.

Source: @Serpent on Twitter

Another strategy uses Unicode Letters to make a phishing URL look almost exactly like a genuine one, but replacing one of the letters with a Unicode lookalike. Meanwhile, another strategy sees scammers hack a verified Twitter account, which is then renamed and used to impersonate someone of influence to shill fake mints or airdrops.

The remaining scams target users wanting to get in on a get-rich-quick scheme. This includes the Uniswap Front Running Scam, often seen as spam bot messages telling users to watch a video on how to “make $1400/DAY front-running Uniswap,” which instead tricks them into sending their funds to a scammer’s wallet.

Another strategy is known as a Honeypot Account, where users are supposedly leaked a private key to gain access to a loaded wallet. But, when they attempt to send crypto in order to fund the transfer of coins, they are immediately sent away to the scammers’ wallets via a bot. 

Other tactics involve asking high-value NFT collectors to “beta test” a new play-to-earn (P2E) game or project or commissioning fake work to NFT artists. But, in both cases, the ruse is merely an excuse to send them malicious files that can scrape browser cookies, passwords and extension data.

Related: Aurora Labs exec details ‘fascinating and devious’ crypto scam he almost fell for

Last week, a report from Chainalysis noted that revenue from crypto scams fell 65% in 2022 so far due to falling asset prices and the exit of inexperienced crypto users from the market. Total crypto scam revenue year-to-date is currently sitting at $1.6 billion, down from roughly $4.6 billion in the prior year.