SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Cryptocurrency-related phishing attacks up by 40% - report
Thu, 13th Apr 2023

In 2022 the number of cryptocurrency-related phishing attacks prevented by Kaspersky anti-phishing systems increased by 40% compared to the previous year, with more than five million attacks being stopped, the company recently announced.

Conversely, there is a decrease in the detection of traditional financial threats, such as banking and mobile financial malware. These and other findings are in company's latest report on Financial threats.

Kaspersky's new report highlights how the financial threat landscape saw significant changes in 2022. The researchers find that while attacks using traditional financial threats such as banking PC and mobile malware have become less common, cyber criminals have shifted their attention to new areas, including the crypto industry.

In 2022, cryptocurrency phishing rose significantly and was included as a separate category, demonstrating 40% year-on-year growth with 5,040,520 detections of crypto phishing in 2022 compared to 3,596,437 in 2021.

This increase in crypto phishing could be partially explained by the havoc on the crypto market that occurred last year. However, it is still unclear whether the trend will continue, which will depend on the trust that users place in cryptocurrency, Kaspersky states.

These insights correlates with users' experiences with cryptocurrency threats explored by Kaspersky earlier this year - every seventh person surveyed was affected by cryptocurrency phishing.

Although most crypto scams are traditional tricks such as giveaway scams or fake wallet phishing pages, a recent active fraudulent scheme discovered by Kaspersky shows that scammers are constantly coming up with new techniques to ensure their success.

In this campaign, the user receives a PDF file in English by mail, stating that they allegedly registered on a cryptocurrency cloud mining platform a long time ago and need to urgently withdraw a lot of crypts since their account is inactive.

The file contains a link to a fake mining platform. To withdraw the crypt, the user must fill out a form with personal information, including the card or account number, and pay a commission, in this case, through a crypto wallet or directly to the specified wallet address.

Olga Svistunova, Security Expert at Kaspersky, comments, "Despite some troubles that have occurred in the cryptocurrency market over the past six months, in the minds of many people, crypto still remains a symbol of getting rich quick with minimal effort.

"Therefore, the flow of scammers who parasitise on this topic does not dry out. In order to lure victims into their networks, these scammers continue to come up with new and more interesting stories."

To maximise the benefits of using cryptocurrency safely, Kaspersky experts recommend:

  • Be cautious of phishing scams: Scammers often use phishing emails or fake websites to trick people into revealing their login credentials or private keys. Always double-check the URL of the website and don't click on any suspicious links.
  • Don't share private keys: Private keys unlock a cryptocurrency wallet. Keep them private and never share them with anyone.
  • Educate yourself: Stay informed about the latest cyber threats and best practices to keep your cryptocurrency safe. The more a user knows about protecting themselvs, the better equipped they are to prevent cyber attacks.
  • Research before investing: Before investing in any cryptocurrency, research the project and the team behind it thoroughly. Check the project's website, white paper, and social media channels to ensure that the project is legitimate.
  • Use security solutions: A reliable security solution will protect devices from various types of threats. Certain solutions prevent all known and unknown cryptocurrency fraud, as well as unauthorised use of a computer's processing power to mine cryptocurrency.