You’re On The Hook: The Phishing Threat For Crypto Users

WhiteBIT
Published 19 December 2020

Financial and customer losses, companies’ reputational risks, and many other problems are associated with the fraudsters’ actions. Day by day, hackers seek to obtain important data with the aim of illicit enrichment.

The cryptocurrency industry, which occupies a significant part of the global financial market, has become a very tasty morsel for cybercriminals.

Every day we read news about new hacks, and also comment on our friends’ posts about a new fraudulent scheme. It’s time to take care of yourself and learn about simple ways to protect your funds and data from the most popular attacks among hackers — phishing.

Всегда под рукой
Весь мир криптовалют в вашем кармане

Let’s Go Through The Terms

Phishing is an online attack carried out by an attacker in order to obtain confidential data. The hacker contacts his potential victims via various means of communication (messengers, e-mails, phone calls, etc.) and gets all the information by deception.

A classic example of a phishing attack: you receive an official e-mail, allegedly from a company of which you`re a client. The letter may contain a request to fill out the registration form on the website. After following the link, you will have no doubt that the site is original, but the registration form will require you to provide your seed phrase from the crypto wallet or your account password. Thus, your funds will be in another account in a matter of minutes, and access to them cannot be restored.

The situation is extremely unpleasant, but it’s worth remembering that the main weapon against fans of other people’s money is anticipating their actions. That is, recognizing an attack before it ends.

The Most Common Phishing Types

The hacker attacks statistics are disappointing and there are many types of phishing. The most common schemes are deceptive phishing, spear phishing, CEO fraud or fake president fraud, pharming, and fake websites or fake ICO airdrop.

For deceptive phishing, we can use the email example discussed above. The scammer tries to convince you that the letter was sent from a reliable company/organization and asks for any personal information.

With spear phishing, the attackers already own some of your data (for example, your full name or your phone number) and they’re also contacting you, just like in deceptive phishing. But they have one goal — information.

As a result of a CEO fraud or fake president fraud, the victims are confident that they are providing the data to the boss, but in fact, there is a hacker on the other side of the monitor.

It is also worth knowing about pharming. The scammer distributes malware that redirects the user to fake sites. For example, the victim goes to google.com, but this turns out to be just an imitation of a search engine.

Of course, phishers don’t neglect the crypto industry and often fake websites of popular exchanges and services. Fraudsters can also set the cost for showing ads higher and their fake sites appear first in search results. Moreover, scammers are actively using Telegram. By joining the channels of popular crypto companies or ICOs, they imitate admins accounts and contact users, offering to buy digital actives at a more attractive price. As a result, the victim is left without anything.

Cyber Literacy Memo

Most often, crypto enthusiasts fall into the trap of spamming on behalf of exchanges or projects. Hackers want to get your data entered on fake sites, which are sometimes extremely difficult to distinguish from the original.

At the same time, the letter may contain an attractive offer of monetary reward after the survey, and many cannot resist the temptation.

Moreover, hackers have long mastered Facebook, where they actively fake the official pages of the crypto market representatives. Be careful, they usually copy all publications, but the fake page address will be different from the original one. Go to the companies social networks from their official websites and be careful, because even one letter or sign in address can be changed.

Offers to increase funds on your balances have become a classic scheme for scammers. Phishers offer to transfer your cryptocurrencies or part of them to a separate wallet while promising an incredible profit of 300% or even 1300%!

But let’s be realistic, blockchain companies, including crypto exchanges, cannot give out such huge amounts to everyone who just signs up.

Check all links and never open emails that make you suspicious.

It’s better to enter the necessary addresses manually and actively use all the functionality of social networks to set up privacy.

Article tags