August 19, 2021

Kaspersky announced that its security software was able to stop more than 70,000 attempts to visit fraudulent crypto websites, which it said consist predominantly of three types: fake cryptocurrency exchanges, fake sales of crypto mining hardware and phishing sites aimed at stealing cryptocurrency wallet private keys.

Fake exchanges, for example, lure victims with coupons promising a bitcoin payout in exchange for a verification payment, “usually no more than 0.005 bitcoin (about $200),” Kaspersky said. This $200 investment does not yield anything in return, as the criminals disappear after the victim has submitted the payment.

The ongoing global chip shortage may have caused the second type of fraud, in which cybercriminals send messages advertising the counterfeit sale of crypto-mining devices such as video cards, etc.

The third type involves traditional phishing. Criminals have created a lot of phishing pages “with content aimed at stealing private keys that enable cybercriminals to have access to all digital assets within a crypto wallet,” Kaspersky said.

The most serious is the online cryptocurrencies scams. Kaspersky said that fake crypto exchanges often have feeds with real bitcoin price data from other websites. The details are due to the high barrier to entry that comes with investing in cryptocurrencies or mining. “People investing or interested in this area are often more tech-savvy than the average user. Therefore, the cybercrooks make their techniques more complex to get data and money from these people,” Kaspersky said.

Kaspersky makes the following recommendations to outsmart cybercriminals:

• Links that offer a crypto-deal sent via email, messaging app or social network can be dubious. First, research the name of the exchange or online shop that makes the offer to determine its legitimacy.
• Beware of over-generous offers: if it’s too good to be true, it probably isn’t.
• If someone grants access to a crypto-related app that needs to be downloaded outside the official iOS, Android, or other app stores, never download it.
• Install a security product that can detect phishing and other scams.

For more information, read the original story in TechRepublic.