How are cyber criminals targeting cryptocurrency users?
Some of the techniques the phishing attacks include are fake requests for donations and business email compromise (BEC) scams where they ask people to make payments in cryptocurrency.
As digital coins or tokens become more common, cybersecurity researchers have said there is a greater likelihood of more people falling victim to fraud for digital currencies.
Cybercriminals are sending out millions of phishing emails a day, using a variety of techniques, to steal Bitcoin and other cryptocurrencies from victims, according to a report by cybersecurity researchers at Proofpoint.
Some of the techniques the phishing attacks include are fake requests for charity donations and business email compromise (BEC) scams, asking people to make payments in cryptocurrency.
According to the report, Proofpoint blocks an average of one million extortion emails daily, with some days peaking at nearly two million.
“Proofpoint researchers observe multiple objectives demonstrated by cybercriminal threat actors relating to digital tokens and finance such as traditional fraud leveraging business email compromise (BEC) to target individuals, and activity targeting decentralized finance (DeFi) organizations that facilitate cryptocurrency storage and transactions for possible follow-on activity,” the report said.
JUST IN: Cybercriminals have stolen $1.57 billion worth of #cryptocurrency in the first four months of 2022, surpassing the $1.55 billion stolen in all of 2021.
— Watcher.Guru (@WatcherGuru) May 1, 2022
“Both of these threat types contributed to a reported $14 billion in cryptocurrency losses in 2021.”
Proofpoint noticed regular attempts that compromised users’ cryptocurrency wallets through credential harvesting.
The method often relies on delivering a URL within an email body which redirects to a credential harvesting landing page.
These landing pages have begun to solicit values utilised in transferring and converting cryptocurrencies.
Credential harvesting landing pages are often built with phish kits that can be used to create multiple landing pages and used in numerous hacking attempts.
Phish kits allow cybercriminals to deploy an effective phishing page regardless of their skill level.
“They are pre-packaged sets of files that contain all the code, graphics, and configuration files to be deployed to make a credential capture web page. These are designed to be easy to deploy as well as reusable,” the report said.
‘Email deception’
Business email compromise is a popular form of financial crime through phishing (“BEC”). The Proofpoint BEC Taxonomy defines BEC as “financially motivated, response-based, socially engineered, email deception”.
Proofpoint observed in 2022 cryptocurrency transfer made through BEC attempts.
These requests are made through employee targeting, using impersonation as a deception, and often leveraging advanced fee fraud, extortion, payroll redirect, or invoicing as themes.
#Cryptocurrency investors must educate themselves about the risks involved in #cryptocurrencies and the threat cybercriminals pose to cryptocurrency exchanges, #blockchains, and #smartcontracts written on them.
— Neptune Mutual (@neptunemutual) April 17, 2022
In the #crypto market, your security is your own responsibility. pic.twitter.com/3JGb6cey3J
For example, hackers send functioning sets of login credentials to fake cryptocurrency wallets in which they are promised large sums of Bitcoin if they deposit some money into the platform first.
The report shows losses from crypto-related crime jumped 79 percent year-over-year in 2021. The US Federal Trade Commission (FTC) said that more than 46,000 people have reported losing over $1 billion in digital currencies to scams.
The top cryptocurrencies people said they used to pay scammers were Bitcoin (70 percent), Tether (10 percent), and Ether (9 percent). People ages 20 to 49 were more than three times as likely as older age groups to have reported losing cryptocurrency to a scammer.
“Threat actors are way ahead of general adoption of cryptocurrency, with existing infrastructure and ecosystems long established for stealing and using it. And as mainstream awareness and interest increases, it is more likely people will trust or engage with threat actors trying to steal cryptocurrency because they better understand how DeFi operates or are interested in being a part of “the next big thing," the report said.
“Users should be aware of common social engineering and exploitation mechanisms used by threat actors aiming to steal cryptocurrencies.”