The launch of an ICO (initial coin offer) has been for some time considered a quick opportunity for investment enthusiasts in cryptomontages. The rhetoric is simple: Buy today a virtually launched virtual currency with a value close to zero in the idea of selling later with profit
The phenomenon of cryptomonas and the appearance of an interested public, made up of their owners, could not go unnoticed by cybercriminals. The techniques typically used to achieve their goals are classic, phishing. However, these often go further than the "normal" scenarios. Inspired by themes such as the launch of an initial coin offering, investment and the free distribution of cryptomonas, cybercriminals have been able to take advantage of both virtual and novice coins
Among the most popular targets are those interested in ICO who want to invest in start-ups, hoping to make a profit in the future. For this group of people, cybercriminals create fake webpages that mimic sites of official ICO projects or try to gain access to their contact network so they can send phishing emails with the number of an electronic wallet, for potential investors. The most successful attacks use highly-known ICO projects. For example, by exploiting the Switcheo ICO, using a free money distribution proposal, the offenders stole the equivalent of over $ 25,000 in cryptomones after they spread the link via a fake Twitter account.
Another example is the creation of phishing sites for the ICO OmaseGo project, which allowed crooks to earn over $ 1.1 million in cryptomonades. Of equal interest were the rumors related to the ICO for the Telegram, which led to the creation of hundreds of false sites where "investments" could be made.
Another trend in cryptomonas is that of "gifts." The method is as follows: Victims are asked to send a small amount in virtual coins in exchange for a much higher amount they will receive in the future. The criminals even used the social media accounts of some well-known people, including Elon Musk and Telegram founder Paul Durrov. By creating false accounts or answering some tweets from legitimate users on those fake accounts, offenders manage to confuse Twitter users so they can click on the answers from the false accounts.
"The results of our research show that cybercriminals are experts in keeping up-to-date and developing resources to achieve the desired results with phishing in cryptomonas," said Nadezhda Demidova, Lead web content analyst, Kaspersky Lab. "These nine methods of fraud are based on simple social engineering techniques, but they are different from these because it helps criminals to make millions of dollars. The success they enjoyed shows that they knew how to exploit the human factor, which has always been one of the weakest links in cyber security, to make money. "
In order to protect their virtual coins, Kaspersky Lab researchers recommend users to follow a few simple rules:
- Remember that offers that seem too tempting to be true should be regarded with skepticism.
- Check official sources for information about cryptomonas free distribution. For example, if you see information about the coin distribution from the recently attacked Binance blockbuster ecosystem, go to the official source and clarify this information
- Check to see if there are third parties related to the wallet transaction you are trying to transfer your money to. One way to do this is through blockchains such as etherscan.io or blockchain.info, allowing users to view detailed information about any virtual currency transaction and identify whether that wallet might be dangerous.
- Always check hyperlinks and data in your browser's address bar. For example, it should be "blockchain.info", not "blockchaen.info."
- Save your e-wallet address to a tab and access it here – to avoid accidentally reaching a phishing site
According to Kaspersky Lab's estimates, offenders have managed to earn more than 21,000 RTH (Crypto-Coin Ether, which uses the Ethereum platform blockchain) or more than $ 10 million at the current exchange rate using the tactics described above, over the past year. This amount does not take into account "classical" phishing attacks or examples that involve generating individual addresses for each victim