Looking from the outside in, the world of crypto looks like the most degenerate and dysfunctional community of web users you could ever imagine with this year being a particularly harsh time for crypto enthusiasts. The truth, however, is that crypto isn’t going anywhere, even in the wake of the FTX collapse and the crypto community is still here. Unfortunately, this means that the crypto community will still be targeted by active cyber threats like this new phishing scam, which we are reporting on today. Here is what you need to know.
Researchers at Pixm, which is a cybersecurity firm that specializes in using artificial intelligence as a means to prevent phishing attacks, have identified a new phishing scam that are targeting users of Coinbase, which is one of crypto’s leading centralized exchanges and Metamask, which is a very popular crypto wallet app.
The new scam uses real web hosting services to host fake websites and landing pages designed to target victims and trick them into passing over the security login details and even help them pass two-factor authentication.
As is often the case with phishing scams, they come in the form of emails with this particular instance seeing users receiving emails saying their accounts have been suspended. Urgency is built into the text of the email in an attempt to pressure the potential victim into quickly pressing a link that will lead them into trouble.
Incredibly, from this point, the scam involves the scammers actually chatting with the victims via a fake chat support window. This is designed to help them lower their guard further as well as be able to request information that may be needed to help bypass the two-factor authentication defenses many crypto sites and services require users to set up.
The sad fact is that while crypto does offer emancipatory possibilities it is also rife with risk. Should attackers take control of a centralized exchange account or a crypto wallet, they basically have the keys to the victim’s bank, which they can empty at will. This is why particularly in these difficult times for crypto with massive multi-million dollar hacks still fresh in our minds, it is more important than ever to be vigilant for phishing attacks and scams.