Phishing attacks have been a widespread tool for stealing and misusing people’s credentials. Now, they have penetrated the cryptocurrency industry, mostly to get access and steal the users’ funds.
The scheme of such an attack is quite simple. Criminals pose as popular brands, banks or other reputable organisations and send their victims emails containing malicious links and attachments. As soon as a user clicks the link or opens the attachment, one’s device gets infected by a malware that steals confidential information from that device.
As the cryptocurrency industry gains popularity and attracts more and more users daily, it has naturally attracted the attention of scammers and hackers. Besides, as it is entirely digital, most operations are performed online. Therefore, all keys and passwords are mostly stored on devices. By having infected it with malware, phishing scammers can get access to crypto funds in no time.
After the entire world suffered from the COVID-19 lockdowns, the number of various scams skyrocketed enormously. Phishing attacks have also flourished as criminals started speculating on the overall panic.
For instance, CoinIdol, a world blockchain news outlet, previously reported that scammers were pretending to be reputable government organisations such as Her Majesty's Revenue and Customs. In their emails, scammers allegedly offered people tax returns as compensation for losses during the lockdown. However, after the users clicked the link in the email, it immediately led to the loss of credential and banking information.
Despite the pandemic triggering a significant growth of phishing attacks and drawing much attention to them, this kind of scam was not new in the crypto industry. There are some kinds of attacks that repeat over the years.
Recently, two users of Electrum software wallet reported huge losses of BTC to a phishing scam having affected the wallet. According to a report by Inside Bitcoins news outlet, the loss totalled to about $15 million.
This was not the first time the wallet was affected. Back in 2018, another phishing attack resulted in the loss of around $800,000. Considering the similar pattern of both attacks, it is worth assuming that both cases were the work of the same criminal, proving that phishing attacks are difficult to expose and track down.
However, law enforcers still do their best to protect netizens from cryptocurrency scammers. Back in August 2020, Russian Intelligence Service announced their plans on using an Artificial Intelligence-based platform to de-anonymize privacy coins, which would allow to track down illegal transactions using these coins.
International law enforcers such as Interpol also pay attention to innovative technologies to build an enhanced analytical platform making it possible to track cryptocurrency transactions related to crime and scams.
Tech companies and service providers are also making their efforts to protect their users. For instance, most email platforms have some mechanisms that filter out suspicious emails and send them to the spam folder at once. Despite such mechanisms being far from perfect, they have already saved many users from losing their credentials.