Since the beginning of the year, Kaspersky Lab has detected more than 1,500 fraudulent resources around the world aimed at potential crypto investors or users who are interested in mining cryptocurrency
Specialists of the Kaspersky Lab antivirus company warned about an increase in the volume of fraud, the potential victims of which may be crypto investors. Since the beginning of 2021, experts have identified more than 1,500 such fraudulent resources.
In addition, Kaspersky reported on its success: this year the company blocked more than 70 thousand attempts of users to go to fraudulent sites.
Criminals create phishing pages whose task is to steal private keys that allow access to all digital assets and crypto-wallets. Such web resources are usually located in popular domain zones like .com, .net, .org, .info or in cheap zones — .site, .xyz, .online, .top, .club, .live.
Kaspersky Lab noted the high level of detail of malicious sites. As an example, experts cite the loading of real data from existing cryptocurrency exchanges. This is easily explained by the higher level of technical knowledge that people interested in investing in digital currencies must have. Attackers understand this and try to improve their techniques.
Also, scammers often send notifications about fictitious sales of video cards and other digital currency mining equipment. In this case, the victim is persuaded to buy the hardware, which requires an advance payment.
As noted by experts, the topic of investing in cryptocurrencies is willingly used by cybercriminals in conjunction with the names of famous people. For example, people in the U.S. have recently lost several million dollars by being "hooked" on a scheme with the name of Elon Musk. Investors were promised a generous return on investment on behalf of the head of SpaceX.
According to the InfoWatch expert, the first wave of interest in cryptocurrencies in Russia began in 2016-2017. At the same time, fraudulent schemes aimed at deceiving people who were just beginning to get interested in digital assets, mining and blockchain platforms, as well as at deceiving the first investors became widespread.
Researchers reported on Tuesday that they discovered two email phishing assaults targeting at least 10,000 mailboxes at FedEx and DHL Express that hope to extract client's work email account. In a blog published by Armorblox, the researchers said one assault impersonates a FedEx online document share, and the other claims to share shipping details from DHL. The phishing pages were facilitated on free services like Quip and Google Firebase to deceive security technologies and clients into thinking the links were legitimate.
As the year is coming to a wrap, the 2020 holiday season is being actively attacked by malicious actors. In recent months, a steady upsurge has been witnessed in cybercrime related to online shopping as people have increasingly shopped online this year. Security experts have predicted a further spike in cyber scams during the holiday season, especially throughout the month of December.
In the city of Lagos, three Nigerian nationals suspected of participation in an organized cybercrime group behind malware distribution, phishing attacks, and a massive business email compromise (BEC) ring responsible for scams globally, have been arrested under “Operation Falcon” carried out jointly by international police organization with Nigeria Police Force and Singapore-based cybersecurity firm Group-IB, according to the reports by Interpol.