Crypto phishing scams are becoming one of the most profitable methods for cybercriminals to steal your cryptocurrency.
Phishing for Crypto
Cybercrime exists because it’s profitable. You might think the efforts of malicious actors are petty or trivial when you delete obvious scam emails from your inbox, but every so often, one of them works — and it makes money for the bad guys.
Speaking of money, if you know enough to recognize a phishing scam email, you probably know what cryptocurrency is. Cybercrime has wasted no time hatching schemes to take advantage of the new crypto trading infrastructure through email phishing campaigns.
If you or anyone you know is trading cryptocurrency, you need to be aware of these scams.
Similar to the way hackers attempt to compromise more traditional banks, crypto phishing attempts are often disguised as requests from valid banking operations for your personal login information. In the case of MyEtherWallet (MEW), the phishing email sent to users suggests that there’s been an unrelated security incident on MEW servers and the company needs your login info.
Like any good financial institution, MEW does not request this information via email and submitting it could put you at risk of compromising your wallet.
2. Pay Fees on Money Won
This is just a crypto-flavored remake of an old trick. This phishing scam contacts you to let you know you’ve won a large sum of money, but you’ve got to pay the taxes on it in order to receive payment.
It’s the same old bait-and-switch hackers have tried time and again. Don’t fall for it.
3. Electrum Wallet Attack
In this attack, the hackers have sent users of another crypto wallet notifications that they need to download a new version of the software. A look at the company’s official statement will reveal that in fact, the latest build of Electrum is 3.3.3, not the 4.0 build suggested in the attack.
Fall for it, and you download a malicious program that could put your money in the hands of criminals.
4. Fake ICO Schemes
While not limited to just phishing campaigns, criminals will target you with offerings for coins that don’t exist. All you have to do is sign up using this new company’s proprietary wallet software, “fleecemypockets,” and send as much money as you’d like to invest.
Your purchase certificate will arrive in the mail after you pay the entry tax, which goes to the same email as the wallet software. Steer clear.
5. Sextortion Scams
These are a relatively vanilla remake of the classic phishing scheme with a few new tweaks. You receive an email that makes mention of one of your existing passwords to show that the hacker has compromised your account. They then threaten you with the notion that they’ve acquired pictures or videos of you that are sexual in nature and could make them public if you don’t pay in crypto. Don’t fall for it.
As you can see, some of these are creative, but the majority are just a crypto-twist on rehashed scam emails. Remember the basics of online safety, like checking the links in the email, the sender and the grammar in the message for errors. If something smells phishy it probably is.
Don’t forget to report these attempts to your banking or crypto-wallet company so they can deal with them proactively.
[Note: This is an educational guest article submitted by Kayla Matthews]
Have you been the victim of a phishing attack? Share your experiences below!
Images via Shutterstock