Buying Bitcoin? Watch Out for These Common Phishing Attacks
Created at September 8, 2021
You don’t have to look far to see that interest in bitcoin is on the rise and in the news more and more every day. All this talk of “wallets,” “meme coins,” and “mining” is sure to have caught your attention at one point or another, leading you to wonder whether or not it’s worth a second look.
Of all the cryptocurrencies being talked about today, Bitcoin (BTC) is the one you’ve likely heard the most about, thanks to its accessibility and the groundbreaking headlines it’s made in recent months. Unfortunately, the hype surrounding it has also caught the attention of cybercriminals, and they haven’t hesitated to capitalize on it—even for a moment.
Since cryptocurrency is still considered to be in its infancy stages, there’s a lot of mystery and misinformation surrounding the growth of this decentralized asset. This can make it difficult for newcomers to discern fact from fiction on something that can already be a challenge to understand, so we’re here to help you clear the air and make only the smartest and safest decisions regarding where your money goes.
While BTC is something worth looking into, it’s not something worth ditching your cybersecurity due diligence for. Here are some common phishing attacks to look out for while adding to your new crypto wallet.
Suspicious Log-In Emails
This is a classic phishing strategy that uses a fake email alerting users of a suspicious sign-in attempt to their wallet. Emails like these will appear to be from reputable Bitcoin-related websites and ask for users to click on a malicious link that will prompt them to enter their private login information. Once this information is provided, the cybercriminals on the other end will have access to the user’s account, giving them the ability to empty their wallet.
Instead of asking for login credentials, BTC sextortion emails claim to have evidence of a users’ browsing history to blackmail them into providing payment in the form of Bitcoin wallet deposits. Beware: sometimes, these cybercriminals do research on their intended victims to increase their chances of eliciting the response they want. Don’t fall for this common social engineering tactic!
Google Docs Scams
This is another scam that exploits the Google Doc functionality that many of us know and use every day to trick BTC miners into giving up thousands of dollars worth of crypto. First, users receive an email notifying them that they have been mentioned in a Google Doc by a familiar party informing them that hard-to-come-by mining equipment has become available for a limited time. Then, after the provided link is clicked, they are led to a very convincing website that offers rare equipment in exchange for Bitcoin. Of course, this page is fake, and once payment is processed, funds are lost.While this particular incident targeted miners and not the everyday investor, it should still be noted that scams like these exist and are becoming increasingly convincing. Click here for a more detailed look at how this scam works.
Outdated Bitcoin Wallet Software Exploitation
When a software update is released for any platform, it can often include important security measures that are put in place to thwart cybercriminals from exploiting vulnerabilities that might have been identified in earlier versions. One scam like this found a user supplying their login credentials to a malicious source to the tune of roughly $16 million.
The lesson? Always be wary of credential requests and always use the most up-to-date software.
As cryptocurrency continues to grow, we can only expect attempted attacks on investors to do the same. Always stay on your guard and practice smart cybersecurity habits whenever interacting with technology, especially when it comes to something that you may be new to and especially when it involves your hard-earned money.
Does your organization use Google Docs to accomplish work? Do you frequently send and receive documents to and from people outside of your organization? If you answered “yes,” then you might be at risk for another new phishing scam that...