Cryptocurrency
Cryptocurrency exchange platforms allow you to buy and sell cryptocurrencies, such as Bitcoin. When you buy cryptocurrency, it’s stored in a digital wallet. Most cryptocurrency exchanges require that you use an additional authentication method to access your wallet. Cybercriminals use social engineering to bypass this added level of authentication to steal your currency.
In a new scam, cybercriminals have been sending emails impersonating a cryptocurrency exchange representative. The email states that you need to provide information to receive a refund due to an issue with your account. To obtain the refund, you are asked to click a link and enter your recovery phrase. If you click the link and give them your information, cybercriminals can use it to reset your password, preventing you from accessing your account. Then, they can transfer your currency to their accounts.
Although our focus here is on cyber currency, the following tips can help you stay safe from many other social engineering efforts:
- Always be cautious of unexpected emails. While this attack targets cryptocurrency wallets, similar emails are used to gain access to any account that requires additional authentication methods.
- Watch out for messages that offer refunds or special promotions that seem too good to be true. Phishing attacks rely on impulsive actions, so always think before you click.
- Never provide sensitive information through email. If you receive an email claiming that you have an account issue, always log in to the organization’s website directly to verify the claim.