Hackers are Increasingly Targeting Crypto for Scams

Cryptocurrency has gained increasing popularity in recent times. However, a new trend shows cybercriminals and other threat actors are also drawn to these crypto platforms, moving from targeting users via emails.

What’s Happening?

Hackers and cybercriminals are leveraging Google Ads to steal cryptocurrency wallets.

Unlike conventional phishing attacks where hackers send phishing links via email, these scamming groups are cloning popular platforms and wallets like Phantom and Metamask, and bidding for related keywords on Google Ads and Google Search, placing them sometimes next to the original sites, in order to target victims’ crypto wallets.

The ads contain malicious links, which usually redirect targets to a phishing website. According to CheckPoint Research, it is estimated that more than $500,000 worth of cryptocurrencies were stolen in days from compromised accounts this past weekend.

The Phantom and MetaMask wallets are the most popular wallets for the Solana and Ethereum ecosystems, which makes them a great target to trick users into giving up their wallet passphrase and private key.

What are the most Common Crypto Scams in 2021?

There are many reasons why people use cryptocurrency, some reasons including payments, to invest, or because it offers some anonymity. Bitcoin and Ethereum are some of the popular cryptocurrencies, but there are many different cryptocurrency types and new ones are still being created.

Due to this, it can be very confusing for a beginner in crypto, and it is easy for them to fall into scams since most of the related applications and concepts are unfamiliar. Hence, it is important to keep in mind some pitfalls to avoid bad results when dealing with cryptocurrency.

Blackmail. Scammers can send threatening emails and claim to have access to your personal information. They can use this to demand payment in crypto to prevent the release of your information.

Paying for Non-Existent Treatments or Equipment. Scammers have been known to lure customers by offering products that claim to accept payment in cryptocurrencies for products that do not actually exist.

Investment Scams. Cybercriminals often take advantage of the complexities of cryptocurrency to promote fraudulent investments in a “new” cryptocurrency to take a victim’s money. A recent example is the Squid game crypto coin which turned out to be a scam.

Crypto Phishing. The common way that cybercriminals steal cryptocurrency is by cloning sites and creating phishing variants of the URLs. 

What are the biggest hacks this year?

Hacks involving millions of dollars are happening frequently and, as these platforms are largely unregulated, there's no guarantee that customers get their money back.

• In November, DeFi platform bZx lost around $55 million in various cryptocurrencies after a developer fell prey to a phishing attack.
• $610m was stolen from the Chinese platform Poly Network in August in what is likely to be one of the biggest cryptocurrency thefts ever. In a strange turn of events, the hacker returned all the funds and customers have started being reimbursed.
• In March and May this year, hackers stole from the wallets of at least 6,000 customers of cryptocurrency exchange Coinbase Global Inc (COIN.O).

How can I protect myself from crypto scams?

If something unexpected happens, such as sending cryptocurrency to the wrong person or having your digital wallet stolen or compromised, it is unlikely to find anyone who can step in to help you recover your funds, and it is likely that all the bitcoins from the compromised address will be transferred. In most cases, the crypto exchange does not have provisions to identify the thief, block further transactions, or return them to the legitimate cryptocurrency address.

Here’s how you can protect yourself from becoming a victim of a crypto scam:

• Examine the browser URL. Always double-check the browser URL before accessing a website.
• Look for the extension icon. To understand if you are accessing a website or an extension, the extension will contain an extension icon near it.
• Never give out your passphrase. You should never give out your passphrase and no one should ask for that either.
• Skip the ads. Always look at the first website in your search and not in the ad, as these may mislead you to get scammed by cybercriminals.
• Verify Accounts. Always verify that a vendor/charity is legitimate and accepts cryptocurrency before sending payments/donations.
• Do Your Research. Always research potential investment opportunities before committing.
• Crypto Payment As the Only Option. Be wary of anyone who says you must pay by cryptocurrency. 

What are companies and governments doing?

Unlike U.S. dollars deposited into a bank account, cryptocurrency accounts are not backed or insured by a government. If you store cryptocurrency with a third-party company, and they eventually get hacked or go out of business, the government has no obligation to get your money back.

However, law enforcement has started taking strict actions against cyber criminals as evident from the latest ransomware attack shutdowns from incidents that have disrupted critical services and businesses globally.

And while most virtual currency activity is legal, these virtual currencies remain the primary mechanism for ransomware payments.

As cyber-criminals employ even more elaborate schemes to convert technology into tools of digital extortion, law enforcement has expressed the commitment to continue improving the cyber resiliency of critical infrastructure across the nation.

An example is when the U.S. Treasury Department sanctioned the Chatex cryptocurrency exchange for aiding in ransom transactions and assisting ransomware gangs. In the U.K, an individual was charged with the theft of $784,000 worth of cryptocurrency.

New phishing campaigns are being introduced every day by cybercriminals and this trend is expected to continue in the near future. Always double-check the URLs before clicking and currently, avoid clicking on crypto wallets in Google Ads.

You can also report fraud and other suspicious activity involving cryptocurrency to the FTC at ReportFraud.ftc.gov and the U.S. Securities and Exchange Commission (SEC) at sec.gov/tcr.