Meta Threads Faces Surge of Mr Beast-Themed Crypto Scam Spam
The bait is deceptively simple. The fabricated headlines promise that Mr Beast is launching a new venture or handing out money if users follow a link. The bouquet image, seemingly unrelated, keeps readers engaged long enough to notice a hidden URL tucked into the reply’s text or buried behind a call to action that urges users to “search for a promo code.” Once clicked, visitors land on a chain of malicious crypto‑casino sites.
Security researcher Zach Edwards of Infoblox traced more than 10,000 domains to a single network of “crypto casino” sites. Edwards explained that the sites lure users with free‑reward or sign‑up‑bonus promises, then present simple slot‑machine games that claim instant deposits and withdrawals. After playing, the sites request credit‑card details or crypto‑wallet addresses under the pretext of processing a withdrawal.
Engadget’s investigation uncovered dozens of Threads accounts repeatedly posting the Mr Beast reply spam. Some accounts have amassed hundreds of thousands of views in the past month, while a handful report nearly a million views in Threads’ public metrics. The spam does not contain obvious hyperlinks; instead, URLs are embedded in the post text or hidden behind a generic CTA. Edwards believes this approach is a form of A/B testing that lets scammers gauge which variations attract the most visibility before AI detection systems flag them.
Malwarebytes’ head of consumer, Mark Beare, noted that Threads’ algorithm rewards replies, with roughly half of all views coming from reply posts. By replying to high‑profile threads, scammers boost the likelihood of being seen. Beare also pointed out that Mr Beast is a frequent target, with mentions of the YouTuber outnumbering other celebrities such as Elon Musk.
The low‑resolution screenshots themselves are fabricated. The fake Times articles claim that Mr Beast is launching a new project or giving away money if users visit a sketchy website. The second image—often a bouquet of flowers with an iPhone—adds a visual distraction. Together, the fake headline and unrelated image keep users engaged long enough to notice the hidden link.
Meta has removed some accounts linked to the scam network, but the persistent volume of posts suggests enforcement is lagging. The company has not publicly commented on the issue, and it is unclear how much Meta’s AI detection models are being applied to this specific tactic. Beare said that Meta’s models are “very good” on Facebook, but the priority for addressing this new form of spam remains uncertain.
The scam network’s use of Meta Pixel and X ads indicates that operators are investing heavily in advertising to drive traffic to their sites. Edwards believes the scammers are active on other platforms as well, noting similarities to a wave of spam that targeted Discord last year.
The broader context of the scam is the rise of crypto‑casino fraud. These sites often lack licensing and operate from offshore jurisdictions. They lure users with free‑money offers, only to trap them in a cycle of deposits and withdrawals that ultimately benefit the operators.
In summary, Meta Threads is currently experiencing a sustained campaign of Mr Beast‑themed spam that promotes a network of crypto‑casino scams. The posts use low‑resolution fake news screenshots, obscure URLs, and reply‑based amplification to evade detection. While Meta has removed some offending accounts, the persistence of the spam suggests that additional moderation resources and algorithmic updates may be needed to curb the campaign.