With the value of crypto-currencies like bitcoin continuing to climb, cyber-criminals are looking to expand the tricks they use to steal these virtual dollars.
The newest trick in their arsenal is to use the websites that support the various currencies as bait in phishing scams. A Proofpoint report pointed out several examples of crypto-currency users being hit with phishing scams that attempt to steal wallet IDs and credentials that would allow them to withdraw money from the victim's digital currency wallet. Ironically, the anonymised nature of these currencies makes it almost impossible to track the thief or where the money went.
Not surprisingly bitcoin, as the most popular digital currency, is frequently found at the centre of these attacks with cyber-criminals using emails purportedly from bitcoin-wallet provider blockchain.com as a lure. The emails match Blockchain's typical email format and use the correct branding and normally tell the target that a recent transaction was not successfully completed. It then asks for the victim to follow a link that will lead them to a “Blockchain” page where they are asked for their login credentials. To make certain the phishing emails and fake websites appear genuine the scammers keep an eye on any changes made by Blockchain or other digital currency company.
“We have observed regular updates to phishing templates keeping them in step with design changes to the legitimate blockchain.com website,” Proofpoint said.
Even though the majority of attacks do target bitcoin, the bad guys are not ignoring the lesser-used varieties like Monero, Dash and Ethereum and also have their eyes on crypto-currency exchanges like Poloniex. In the case of going after the exchange the criminal is simply avoiding having to deal with the middle man, the customer.
“These templates attempt to steal wallet IDs and credentials that allow actors to conduct fraudulent transactions with third parties or withdraw funds directly,” Proofpoint reported.