If someone offers cryptocurrency for nothing, remember the only free cheese is in a mousetrap. Here’s what’s really going on.
The recent price rollercoaster of Bitcoin and other cryptocurrencies have made this topic incredibly hot. Whereas only a year ago cryptocurrencies were the domain of geeks, now all online media are talking about them, and even TV and radio have joined in. Not a day goes by without fresh reports from the cryptomarkets.
But scammers too have been quick to smell the opportunity. Indeed, cryptocurrencies have given phishing — the creation of fake sites to steal credentials from unwary users — a new purpose.
The simplest version of cryptocurrency phishing, aka cryptophishing, involves good old-fashioned spam mailings. In this case, such e-mails appear to originate with providers of cryptocurrency-related services — Web wallets, exchanges, and so on.
The messages are markedly more detailed and sophisticated than the average phishing e-mail. For example, one might be a security alert saying that someone just tried to sign into your account from such and such address using such and such browser — all you have to do is click the link to check that everything’s OK. The potential victim might even have requested such messages on the cryptowallet site, in which case they will notice nothing untoward.
Or it might be an invitation to take a survey about a cryptocurrency event, offering a fairly generous reward for your opinion (say, 0.005 bitcoin, which amounts to about $50–$70 at the current rate). Click on the link, it says, to enter.
The result is always the same: The victim is directed to a fake version of the expected cryptocurrency site and asked to enter their e-wallet credentials. Most popular Bitcoin Web wallet sites look quite simple, yet recognizable, which helps criminals to create convincing imitations.
The stakes are pretty high: Hijacking an e-wallet that contains a few decibitcoin isn’t like stealing a piffling e-mail account — those fetch some 20 cents per bucket on the black market. In e-wallets, criminals see a quick and direct route to some juicy pickings, so they are investing more in phishing messages and making them more plausible.
A more intricate cryptophishing scheme was discovered recently that uses some, shall we say, interesting features of Facebook. Here’s how it works.
Lately, the cryptomarket may have resembled a magic money tree, but cryptocurrency services are not charities, and they do not give away money for the fun of it. If someone promises you free cryptocurrency, most likely it’s on the end of a hook.
Article Source: kaspersky.com
Before you start risking your money, check the credibility of the desired website. Search for its URL in the our long list of Scam sites, or send us a request to check its validity, and do not register, buy or invest in it until you are sure of the validity and legality of that website or platform.