Kaspersky Lab products blocked more than a hundred thousand triggers related to cryptocurrencies on fake exchanges and other sources.
Kaspersky Lab experts have revealed a relatively new fraudulent trend: the development of cryptocurrency is not only attracting investors but also cyber-criminals seeking to boost their profits. During the first half of 2018, Kaspersky Lab products blocked more than a hundred thousand triggers related to cryptocurrencies on fake exchanges and other sources. With each attempt, criminals have been trying to involve more and more unsuspecting users in fraudulent schemes. The cryptocurrency phenomenon and the growth of a keen audience of cryptocurrency owners were never going to go unnoticed by cyber-criminals. To achieve the nefarious goals they typically use classical phishing techniques, however, these often go beyond the ‘ordinary’ scenarios we have become familiar with. By drawing inspiration from ICO (initial coin offering) investments and the free distribution of crypto coins, cybercriminals have been able to profit from both avid cryptocurrency owners and rookies alike.
Some of the most popular targets are ICO investors, who seek to invest their money in start-ups in the hope of gaining a profit in the future. For this group of people, cyber-criminals create fake web pages that simulate the sites of official ICO projects or try to gain access to their contacts so they can send a phishing email with the number of an e-wallet for investors to send their cryptocurrency to. The most successful attacks use well-known ICO projects. For example, by exploiting the Switcher ICO using a proposal for the free distribution of coins, criminals stole more than $25,000 worth of cryptocurrency after spreading the link through a fake Twitter account.
Another example is the creation of phishing sites for the OmaseGo ICO project, which enabled scammers to earn more than $1.1m worth of the cryptocurrency. Of equally great interest among criminals were rumours surrounding the Telegram ICO, which resulted in the creation of hundreds of fake sites that were collecting "investments."
Another sought-after trend involves cryptocurrency giveaway scams. The method of choice involves requesting that victims send a small amount of cryptocurrency, in exchange for a much larger payout of the same currency in the future.
Criminals have even used the social media accounts of well-known individuals, such as business magnate Elon Musk and the founder of Telegram messenger Pavel Durov. By creating fake accounts or replying to tweets from legitimate users through fake accounts, criminals are able to confuse Twitter users into falling for the scam by clicking on replies from fraudulent accounts.
According to Kaspersky Lab’s rather rough estimates, criminals managed to earn more than 21,000 ETH (The Ether cryptocurrency, which uses blockchain generated by the Ethereum platform) or over $10m at the current exchange rate using the above-described schemes over the past year
To protect their cryptocurrencies, users advise users to follow a few simple rules:
-Users need to note that there is no such thing as a free lunch and treat offers that seem too tempting to be true with scepticism.
-Check official sources for information regarding the free distribution of cryptocurrencies. For example, if you witness information about the distribution of coins on behalf of the recently hacked Binance blockchain ecosystem, go to the official source and clarify this information.
-Check if any third-parties are linked to the wallet transaction to which you plan to transfer your savings. One way of doing this is through blockchain browsers such as etherscan.io or blockchain.info, which allow users to view detailed information about any cryptocurrency transaction and identify if the particular wallet may be dangerous.
-Always check the hyperlink addresses and data in the browser address bar. It should be, for example, “blockchain.info’, not “blackchaen.info”.
-Save the address of your e-wallet in a tab and access it from there – in order to avoid making a mistake in the address bar and accidentally going to the phishing site instead.