Cyber criminals are sending out millions of phishing emails a day, using extortion and other schemes to steal Bitcoin and other cryptocurrencies from victims.
According to a report by cybersecurity researchers at Proofpoint, the company blocks an average of one million extortion emails every day, with some days peaking at nearly two million. Researchers say most of these phishing emails and BEC attacks are asking the victim to make payments in cryptocurrency.
“Cyber criminal threats to cryptocurrency are not new, however as the general public experiences growing adoption of cryptocurrency, people may be more likely to engage with social engineering lures using such themes,” said Sherrod DeGrippo, vice president of threat research and detection at Proofpoint.
“There is no easier method of financial extraction than the illicit transfer of cryptocurrency,” she added.
One basic attack is to attempt to steal user names and passwords. “In 2022 Proofpoint has observed regular attempts to compromise user’s cryptocurrency wallets using credential harvesting. This method often relies on the delivery of a URL within an email body or formatted object which redirects to a credential harvesting landing page,” the company said.
Another of the most common methods cyber criminals in attempts to steal cryptocurrency in phishing attacks is plain old extortion. The victim receives an email from a ‘hacker’ who claims to have gained control of their computer and their online accounts with malware, as well having access to audio and video recordings of the user, alongside their browsing history.
SEE: A winning strategy for cybersecurity (ZDNet special report)
The email attempts to blackmail the victim, claiming the ‘hacker’ has embarrassing information and video recordings about them, which they’ll send to all their friends – unless they pay $500 in Bitcoin.
In reality, it’s highly unlikely that there’s any malware on the victim’s machine: the attacker has just sent out spam emails to as many users as possible. But the shock and fear of seeing that someone claims to have control of their PC is enough to trick some victims into making the payment.
Other phishing attacks around cryptocurrency payments aren’t so blunt, instead attempting to exploit the victim’s empathy rather than their fear – for example messages that claim to generate funds for worthy causes but which only serve to benefit the fraudsters sending out the emails.
Requests for cryptocurrency payments are also appearing in business email compromise scams, fraud attempts where crooks pose as a trusted colleague or business partner, asking for a large sum of money to be transferred in order to complete and important and time-sensitive deal. The attacks might sound relatively simple, but BEC is one of the most lucrative forms of cyber crime – and cryptocurrency scammers are getting in on the action.
In the example detailed by Proofpoint, an email sent by an attacker – potentially using a legitimate account that belongs to a trusted contact – claims that an urgent payment is required to seal a business acquisition deal. The matter is also described as secretive, so the victim is urged not to tell anyone about it. This, of course, is to make sure the victim doesn’t discover it is a scam.
In this case, the email requests just over $100,000 be purchased in Bitcoin and transferred to a wallet that supposedly belongs to the new acquisition – but belongs to the attackers. If the payment is transferred, the attackers walk away with a large sum of money – and even if the transaction is discovered to be false later, it’s too late for the victim.
Phishing attacks are common because people can be tricked, leading to success for cyber criminals. The best way to stay protected from phishing and BEC attacks is to be alert about common techniques used by cyber criminals, and to be wary about unsolicited emails demanding money – especially if they’re asking for it to be paid in cryptocurrency.
MORE ON CYBERSECURITY