While cryptocurrency holders search for new investment opportunities and ways to increase their savings, and enthusiasts look to learn more about the benefits of going cashless, malicious users are also looking for ways to capitalise on the popularity of the blockchain phenomenon. Multiple blockchain-themed fraud schemes exploiting the hype around the technology have been spotted in the wild recently, according to Kaspersky Lab’s “Spam and Phishing in Q3 2017” report which was released on the 8th of November 2017.
For several months, spammers have been showing increased ingenuity, with their activities proving that they are monitoring the latest trends and global developments in cryptocurrencies. Based on blockchain technology, cryptocurrencies have become an attractive target for cybercriminals, who have been successfully and inoffensively targeting their victims through web-mining. Alongside this, during the past three months, Kaspersky Lab researchers have also detected an increase in spam activities related to cryptocurrency. According to the “Spam and phishing in Q3 2017” report, criminals have been using several successful tricks to fool users and steal their money.
The report found that fraud schemes, based on cryptocurrency trading, have been prevalent over the last quarter. In one such scenario users receive an email invitation to install special software for trading in the cryptocurrency market, but when they click on the link, they are redirected to different websites promoting investments options, including binary options trading. By doing this, cybercriminals hope that users will be enticed to invest more and more money, and transfer currency to a trading account which they own. However, for the victim there is no guarantee that it will lead to something, or they will get their money back. This type of fraud scheme is similar to a casino set-up, and aims to provoke users to bid until they have nothing left, leaving the cybercriminal with everything.
More primitive, but no less effective, tactics used to exploit victims include the distribution of emails offering to transfer money to a specific crypto wallet, where the user receives their money back with interest. But of course, that never happens. Users initially transfer money to an unknown wallet and the cybercriminal cashes in.
Another fraud scheme, discovered by Kaspersky Lab researchers in Q3, was in the form of offering to help users learn more about cryptocurrencies and how they could benefit from them. This underhand tactic aimed to exploit a lack of understanding about blockchain technology and how cryptocurrencies work. Criminals advertised educational workshops via email that would help users enhance their knowledge and skills around cryptocurrency and learn about investment opportunities. With a high price tag, users were duped into paying and believing this was a legitimate advert. However, the money paid to receive such advice would only end up enriching someone else’s wallet, not the user’s knowledge. Because usually such workshops promoted via spam are quite expensive, and imply more of advertising than real knowledge.
“While in the second quarter of the year we observed the WannaCry spam and phishing attacks, in the past three months we have witnessed criminals actively exploiting the popularity and interest around cryptocurrency. This once again shows that the most reliable way to target victims is by utilising current trends and cashing in on an emerging market which users are still getting to grips with and keen to explore. There is no doubt that attacks in this form will continue, so it is extremely important for users to pay careful attention, be vigilant and keep up to date when it comes to global phenomenon”, concluded Darya Gudkova, Spam Analyst Expert at Kaspersky Lab.
Edited by Dean Workman
Follow Dean Workman on Twitter
Follow ITNewsAfrica.com on Twitter