Cryptocurrency and digital token scams have become a common threat facing investors and the general public today. Even though regulators worldwide are clamping down on fraud – through tax legislation, securities offering registration, tighter rules surrounding cryptocurrency adverts, and by keeping a close eye on initial coin offerings (ICOs), exit scams, rug pulls, and theft is still rampant. Interest in cryptocurrency – and now NFTs – continues to escalate, providing a breeding ground for new scams to appear on a daily basis. Chainalysis estimates that fraudsters received approximately $14 billion in deposits in 2021. The cyberattackers gave visitors roughly 30 seconds to read the fake release before they were automatically redirected to a domain that offered pre-sale tokens. The website in question was fully functional and required signing up email account confirmation and user profile creation. “The website included social engineering techniques that presented a fake progress bar, indicating tokens were about to sell out, adding pressure to the victim’s purchasing decision,” Akamai says. At this stage, visitors were asked to then pay for the pre-sale tokens with their own cryptocurrency, including Bitcoin (BTC) and Ethereum (ETH). As the tokens are non-existent, these funds then ended up in the wallets of attackers. Another lure is also presented – a fake referral program that promises rewards if users refer friends and family. This can expand the reach of the token scam on behalf of the attackers with no further effort on their part. In total, most of the visitors to the fake token landing pages were using mobile devices (98%). The distribution of mobile operating systems in use is fairly even but leans toward Android handsets (56%), followed by Apple iOS (42%). The majority of victims are located in North America, South America, and Asia. “Based on our research, we predict that crypto scams will continue to drive many nefarious activities throughout the 2022 threat landscape,” the researchers commented.
Previous and related coverage
Crypto.com confirms 483 users hit in attack that saw over $31m in coins withdrawn. Multichain token hack losses reach $3 million: report. SnatchCrypto campaign plants backdoors in crypto startups, DeFi, blockchain networks.
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0