Crypto-scams Take Center Stage

Although the cryptocurrency market has been in the doldrums in recent months, there is no doubt that the interest in these digital assets has spread throughout society.

Just a few days ago, we echoed a survey by the European Central Bank, which revealed that 12% of Spanish households have already invested in cryptocurrencies. To give us an idea of what this percentage represents, we must remember that only 15.8% of Spaniards have an individual pension plan, according to Inverco data.

Apart from the risks it may entail from a financial point of view or whether it is the right time to invest in cryptocurrency, another aspect to take into account is cybersecurity. Hackers are taking advantage of the cryptocurrency boom and are putting these investors in the spotlight.

Thus, the cybersecurity company Proofpoint claims that it blocks one million crypto-scams every day via email, stopping up to two million messages on peak days. It also indicates that cryptocurrency and NFT-related cyber scams caused $14 billion in economic losses last year.

“These cryptocurrency threats are not new. However, with the growing adoption of these currencies, it is now more likely that people are more easily drawn into social engineering lures under this theme,” says Sherrod DeGrippo, vice president of Threat Research and Detection at Proofpoint.

In a recent report, the company explains that cybercriminals impersonate popular cryptocurrency platforms such as Binance, Celo or TrustWallet. They also impersonate platforms such as OpenSea, dedicated to NFT trading. In this way, they send their victims emails that redirect them to fraudulent login pages, with the aim of stealing their login details.

Proofpoint emphasizes the significant threat posed by these types of attacks, as getting hold of the seed phrase or private keys can allow attackers to transfer cryptocurrencies out of the user’s wallet.

The company has also identified email crypto-scams that include topical claims, such as the Russian invasion of Ukraine, requesting solidarity cryptocurrency donations.

In addition, the company has detected the use of phishing techniques via email with the intent to install malware. This malware focuses on scanning the directory in which the cryptocurrency wallet is stored, attempting to steal files stored in ‘cold wallets’, but is also used to record keystrokes, take screenshots, perform network reconnaissance and steal other sensitive data.

Proofpoint warns that these types of attacks can be perpetrated by almost anyone, as they do not require extensive knowledge. So while a basic understanding of how cryptocurrency transfers and wallets work is necessary, sophisticated tools are not needed to be successful. In fact, he points out that fraudulent data collection pages are often created with easily accessible phishing kits.