Over 200,000 attempts made to steal users’ Digital Currencies and Credentials via Phishing: Kaspersky

Image credit: Genbeta

Since 2022, Kaspersky products have detected and prevented almost two lakh attempts to steal users’ digital currencies and credentials to their wallets via phishing.

The number of such attempts almost reached 50,000 in April, which is half of the indicators for the first quarter of 2022. Crypto wallets are the primary target for scamming and malicious activity.

Kaspersky experts took a close look at the phishing pages aimed at potential crypto investors as well as the malicious files that are distributed under the names of the 20 most popular cryptocurrency wallets.

With the boom in digital cur2rencies observed over the past five years, Kaspersky experts have seen various cybercriminal tactics used to steal cryptocurrency – from luring victims with gifts sent by crypto exchanges to distributing Trojanized DeFi wallets.

Crypto wallets are the primary target for scammers because they are the initial place of storage for cryptocurrency and deal with large amounts of virtual money, according to reports.

In 2022, Kaspersky products recorded 193,125 phishing attempts aimed at potential crypto investors or users interested in cryptocurrency mining. Throughout the first quarter of this year, Kaspersky experts discovered about 107,000 attempts.

The report further added that fraudsters mimic the original crypto wallets’ websites and lure victims to enter a personal seed phrase, a secret phrase of 12 or 24 words that ensures the security of the wallet, along with a password and private key. Once the user shares their secret phrase, they’re redirected to the real website, however, their account and all of their savings are now in the scammer’s hands.

Crypto wallets analysed by Kaspersky

Experts found that within the first five months of 2022, Kaspersky products had prevented more than 1100 users from downloading more than 1400 different variants of malicious files spread under the analysed crypto wallet names.

Out of the discovered malicious files, 75 per cent were exploiting the Binance exchange. This was followed by Electrum (10 per cent) and MetaMask (9 per cent). Most often fraudsters distributed Trojan downloaders, programmes that download and install new versions of other malicious programs. Found bankers, spyware and ransomware were also found in the analysed.

“Scammers will stop at nothing to steal cryptocurrency. With the growing value of digital currencies, fraudsters have been intensifying their scamming activities toward potential investors. Phishing crypto scams deserve special attention – because they’re based on social engineering, these attacks do not require any advanced technical skills to be launched and work well for the fraudsters. They are often successful due to a user’s inattention and lack of awareness. Hence, users need to be wary of basic scamming indicators: offers that are too generous, proposals from unknown senders as well as requests for money with the promise of future profit,” said Alexey Marchenko, Head of Content Filtering Methods Research at Kaspersky.

Recommendations by Kaspersky experts

It is important to be vigilant of the unexpected messages about the loss of money and accounts or transfers, gifts, and winnings. Always check links carefully. It’s best not to click on any links in messages from internet service providers at all, instead, type the address of the service into your browser and install a reliable antivirus solution to protect yourself against phishing.

Publish on W.Media
Author Info - W.Media
Share This Article
Other Popular Posts