Sophisticated malicious outfits are keeping up with current trends, turning their sights on crypto users following the bankruptcy of FTX.
Professional scam organizations are targeting cryptocurrency users following the collapse of FTX, initiating millions of automated calls and text messages in an attempt to swindle information and funds.
Clayton LiaBraaten, senior executive adviser at Truecaller — an app that helps identify scam callers and messages — spoke to Cointelegraph, scammers often closely follow crypto news to better prey on their victims:
“Fraudsters love volatility and current events. Anytime they can try to surf the contours of something very disruptive in the marketplace they have a great deal of success.”
LiaBraaten said that Truecaller also saw an increase in scam communications relating to Bitcoin and other cryptocurrencies when the market started to become volatile earlier in 2022.
He added “agents” ultimately looking to steal funds launch millions of automated “robocalls“ and texts trying to latch onto people’s “fear, curiosity, and sometimes generosity.”
Phone numbers can be obtained in a variety of ways, including through data breaches that have leaked millions of numbers, or vitools that scrape social media platforms for information.
An imposter scam is most commonly seen by Truecaller, where a malicious actor will pretend to represent a support desk or similar entity from a major crypto exchange or business. Scammers will also publish their phone numbers on fake imitation websites, attempting to legitimize themselves.
Younger adults are more often targeted by fraudsters as “there’s so much information available about them because they put so much out there on social media,” according to LiaBraaten.
“They use the same handle for their Bitcoin forum as they do their TikTok and across all these social media platforms […] It’s very easy to build a data graph on these individuals and then begin targeting them. There’s just so much material to social engineer against with the younger generations.”
The abundance of information people put online allows scammers to send messages or calls that are in context to their intended targets, maki the malicious communications more convincing.
“They’re great psychologists and social engineers so they will try as hard as they can to bring something contextually relevant,” LiaBraaten said.
The initial call or text isn’t necessarily going to result in financial fraud LiaBraaten says, with agents first attempting to acquire or confirm information about their target in a bid to create trust.
“They’re building more and more details about the persona and when they gather enough information, then yes, they’re going to try to access your crypto wallet.”
“There’s a lot of folks who don’t really understand cryptocurrency,” LiaBraaten said. “They go after vulnerable people, so it’s unlikely that very savvy cryptocurrency aficionados are going to fall prey to this, because they’re pretty sharp about what they’re doing and very guarded.”
Regardless of a person’s ability to detect a scam, he said anyone who calls or messages asking for personal information or passwords should not be engaged with and only official channels should be used.
“One of the worst things that you can do is stay on the phone with these guys because it is their mission to relieve you of your cryptocurrency. It just takes a vulnerable moment, one minute of second-guessing yourself, and then they’re off to the races.”
In February, Binance CEO Changpeng “CZ” Zhao raised the alarm over a “massive” SMS phishing scam targeting Binance customers.
The scam involved sending users a text message with a link to cancel withdrawals, leading users to a fake website designed to harvest their login credentials.