Two verified accounts with 79k combined followers independently report the same scam: a person with a genuine Shuffle affiliate badge is targeting users on Telegram with malicious PowerShell prompts disguised as Teams updates.

Two high-follower accounts independently report same PowerShell scam via Shuffle affiliate

Two prominent crypto and casino community accounts, @CryptoZachLA (67k followers) and @byzianna_ (12k followers), independently reported being targeted by the same elaborate scam involving a verified Shuffle affiliate badge. The scammer, using the Telegram handle @anneliesewillo, approached both individuals, negotiated sponsorship terms over the course of a week, and then directed them to run a malicious PowerShell prompt disguised as a Microsoft Teams update.

According to @CryptoZachLA, who has a background in operational security, the scam unravelled when the Teams download failed repeatedly on the scammer's end. When he was told to run a 'workaround' PowerShell command, he immediately flagged it as suspicious, analysed it in Claude, and found it malicious. @byzianna_ similarly reported being asked to run a PowerShell for a Teams meeting, calling out Shuffle for granting affiliate badges to scammers.

Both accounts publicly called on Shuffle to vet their affiliates more rigorously, with @CryptoZachLA emphasising how the scammer had a legitimate-looking badge and had already negotiated pricing. A third account, @Lynn_Wha (1.2k followers), corroborated the reports, agreeing that affiliates need much stricter vetting.

The reports raise serious concerns about Shuffle's affiliate programme and whether players can trust the security of partnerships brokered through the casino's official channels. Until Shuffle demonstrates robust vetting and transparency, players should exercise caution when contacted by any representative, even one with a valid affiliate badge.