Kaspersky Phishing Report Says Ethereum Is Most Popular Crypto Used Gor Cybercriminals
Kaspersky Report On Phishing And Cybercriminals Calls Ethereum “The Most Popular Cryptocurrency With Phishers”
One of the biggest opportunities for cybercriminals in the last few years has been with initial coin offerings (ICOs). In fact, within the second quarter of 2018 alone, $2.3 million have been stolen by hackers and other criminals, based on a recent study performed by Kaspersky, a multinational company that deals with cyber security.
The report, which is called “Spam and Phishing in Q2 2018” and can be found on SecureList.com, reviewed other ways that the industry has been at risk lately. They found that the main way that scam artists will attack is not necessarily by breaking into someone else’s ICO, but by creating their own. The majority of the fake website are part of Ethereum-based startups.
If they do not feel the need to develop a fully functioning website, they will take every other chance to create an enticing opportunity that investors would take just to directly send them funds. Most of the time, these investors are completely oblivious, thinking that they are actually investing their funds for their own subsequent profit when they will probably never see it again.
In the report, Kaspersky says,
“In addition to classic phishing, which aims at gaining access to the victim’s accounts and private key information, cybercriminals try every way to entice a victim to willingly send them cryptocurrency. One of the examples of this are cryptocoin giveaways. Cybercriminals continue using the names of new ICO projects to collect money from potential investors that are trying to gain early access to new tokens. Sometimes phishing sites pop up before official project sites. The reason for this preference appears to be due to the fact that these ICOs normally bring in more funds than those based on their own or other platforms.”
One example of these attacks happened recently on Experty, when scammers developed a website that mimicked the appearance of them to help steal investor’s information. They posted a fake invitation link, which led the investors to follow along and send funds.
Telegram’s ICO is another example, which was incredibly popular. Multiple hackers used different strategies to get a piece of the action, even developing fake websites. By the end of the official presale, the hackers had managed to almost meet the amount that the actual company had made.
At the moment, Kaspersky has been able to track phishing attempts that they consider “traditional,” and have even “prevented 58,000 user attempts to connect to phishing websites masquerading as popular cryptocurrency wallets and markets.” The numbers are much high this year, since 2017 only saw about 2,000 attempts. As a result, this year has passed $300 million in investor losses, due to the hackers, phishers, and other cyber criminals.
Previously, investors thought that the safest websites were the ones with a HTTPS prefix. However, even scam websites can find secure hosts, since it is incredibly easy to get this type of certifications. The only browser that seems t be working on their approach is Google, who released the following statement:
“Starting in September 2018, the browser (Chrome 69) will stop marking HTTPS sites as ‘Secure’ in the URL bar. Instead, starting in October 2018, Chrome will start displaying the “Not secure” label when users enter data on unencrypted sites.”
To view the full report from Kaspersky, visit https://securelist.com/spam-and-phishing-in-q2-2018/87368/.