Crypto Sector Faces $580K Loss in Sophisticated Phishing Scam Involving Prominent Firms
Summary:
The cryptocurrency sector recently faced a phishing attack targeting the mailing lists of Wallet Connect, Token Terminal, Cointelegraph, and other prominent firms, resulting in a loss of approximately $580,000 within a few hours. The scammers expertly mimicked genuine companies and personalities in the industry using tailored, enticing offers like airdrops and token sales, while utilising deceptive websites and social media pages, making the scams challenging to detect. To protect oneself from such scams, a measured approach coupled with cautious skepticism is advised.
The cryptocurrency sector is under constant assault from impersonation scams and deceptive emails. The most recent strike, which happened on Tuesday, January 23, was aimed at the mailing lists of Wallet Connect, Token Terminal, Cointelegraph, and other established cryptocurrency companies via their email provider, MailerLite. ZachXBT, a crypto researcher, discovered that the offenders netted approximately $580,000 within just a few hours.
A coordinated phishing assault on January 23 infiltrated the mailing lists of several renowned cryptocurrency companies, including Cointelegraph, which reportedly all utilized the same mailing list provider. Now, an investigation is underway to look into the situation. While certain specifics of the crime were tailored to each mailing list's readership, some aspects were consistent across all attacks, such as an invitation to receive an airdrop via a link embedded in the email.
Cointelegraph, for the record, does not hold any sort of airdrops. However, the scammers misrepresented the airdrop as being part of Cointelegraph's “10th Anniversary” celebrations, whereas on Token Terminal it was presented as “Beta Early-Access Airdrop” and on WalletConnect as “Web3 Inbox Airdrop.”
The scammers also went to the extent of fabricating a news article under the name of an actual Cointelegraph reporter, alleging that Amazon was organizing a token sale and inviting users to follow a link promising free rewards in exchange for their participation. They painstakingly designed their website to resemble Cointelegraph's, replete with ads and authentic Cointelegraph articles, along with a domain address closely resembling Cointelegraph's. However, the essence of each scam remained constant: click the link to garner free money, which in actuality only went into the pockets of the scammers as they emptied the victims' wallets.
Regrettably, instances of phishing in the crypto world are all too frequent. Mainly, scammers try to mimic reputable brands and personalities' email IDs, often leaving behind dubious signs. In this case, the emails appeared to be sent from credible sources, which made it all the more challenging to identify the deception. However, despite the sophistication of their attack, the criminals made elementary errors, giving away more indications that the emails were fraudulent.
Social media sites are another hotspot for impersonation scams, where imposters often pose as famous crypto personalities like MicroStrategy co-founder Michael Saylor, who is among the most impersonated individuals on social media. Saylor's crew reportedly tackles around 80 AI-generated counterfeit videos of him each day.
These counterfeit videos are propagated from a plethora of accounts claiming to be the MicroStrategy founder, amounting to absurdity. Mostly, these impersonation scammers invite users to partake in an airdrop by clicking on a link - a common gimmick, hence a potential red flag.
In April 2023, Contelegraph reported on another common online impersonation involving Google ad scams. Decentralized finance protocols such as Zapper.fi, Lido, Stargate, DefiLlama, Orbiter Finance, and Radiant were among the scams' victims. These scams placed Google ads promoting these sites on top of search listings, subtly modifying the URLs, thereby duping users into visiting the wrong site. Users, unaware of this, approved wallet login signature requests, thereby exposing their crypto assets. Scammers reportedly amassed over $4 million within a month, way more than their advertising cost of $15,000 during the period.
Impersonation scammers bank on human frailties such as fear, greed, complacency, and lethargy to make easy money. Nevertheless, by taking a few precautionary measures such as taking ample time before any online activity, verifying websites and social media pages, avoiding clicking on sponsored links and being wary of too-good-to-be-true schemes, one can safeguard themselves from such scams.
Published At
1/24/2024 5:01:00 PM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.