Comments
Cybersecurity firm Kaspersky has detected more than 1,500 fraudulent global resources aimed at potential crypto investors or users who are interested in cryptocurrency mining since the beginning of 2021, the company has said.
During this period, the company prevented more than 70,000 user attempts to visit such sites.
The cybersecurity firm further detailed the most common schemes used by cybercriminals to target such users in a report.
As per the report, cybercriminals tend to create fake cryptocurrency exchange websites to target potential crypto investors.
"In this case, the user is allegedly given a coupon for replenishing an account on a crypto exchange. However, to use it they must carry out a verification payment of usually no more than 0.005 bitcoin (about 200 US dollars), which becomes the cybercriminals’ profit," it explained.
Modus Operandi
In some cases, cybercriminals message users about fake sales of video cards and other equipment for mining. Users need to make an advance payment to purchase equipment. After providing it, the author of the ads stops communicating.
Attackers also create phishing pages with various content to steal private keys, which allow cybercriminals to gain access to all digital assets associated with a crypto wallet.
"Typically, cybercriminals locate sites in popular domain zones: .com, .net, .org, .info, as well as in zones where domain acquisition is cheap: .site, .xyz, .online, .top, .club, .live. A distinctive feature of phishing and other types of cryptocurrency fraud is the high level of detail on phishing websites," as per the report.
For instance, on fake crypto exchanges, real data, such as bitcoin rates, is often loaded from existing exchanges.
Attackers understand that people who are investing or are interested in this area are often more tech-savvy than the average user. Therefore, they leverage more complex techniques to get data and money from these people.
“Lately, many have become interested in cryptocurrencies, and attackers would not pass up the opportunity to use this to their advantage. At the same time, both those who want to invest or mine cryptocurrency and simply the holders of such funds can find themselves on the fraudsters’ radar," said Alexey Marchenko, head of the Content Filtering Methods Development department at Kaspersky.
"For example, one of the schemes we discovered went as follows: users received a message about the sale of an exclusive coronavirus vaccine earlier than official schedules and only for those who have bitcoins. This type of fraud was especially prevalent when the vaccines just became available. The user went to the site where the contact indicated, to which it was necessary to write to pre-order the vaccine. The target then needed to make an advance payment in bitcoins, with the money going to the cybercriminals' account and the person receiving nothing in return," Marchenko further explained.
Comments
COMMENT NOW
Comments
Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.
We have migrated to a new commenting platform. If you are already a registered user of TheHindu Businessline and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.