The rapid rise in the value of Bitcoins and other cryptocurrencies have attracted many eager investors, but unfortunately, have also attracted many scammers eager to take advantage of unwary investors. First, one particular scam involves an app that, for a prepaid fee, will mine Bitcoins on your behalf which are then transferred to an account from which you cannot take out the Bitcoins.
Next, there’s a new kind of phishbait chumming the online waters: suggestions that something is up with your Bitcoin wallet. Emails are hitting inboxes in the wild that warmly invite the victim to “check your wallet” for a Bitcoin deposit that’s just been made in their name, or else that advise with concern that they’ve “observed unusual activity” in that wallet.
The phishing emails are variations on a common theme, but they all invite you to “check attached slip” or “open attachment.” The attachment is an ISO file, and it contains a variety of malicious programs. Sophos, the security company who’s warning people of this scam, has observed a variety of malign payloads, but the most common one they’re seeing is Fareit, a credential stealer.
We’ve been following the phishing campaigns that have appeared during the run-up to next month’s Winter Olympics. The sort of social engineering we’re seeing, however, isn’t unique to, or even largely confined to, high-profile events like the Games.
Mark Orlando, CTO of Raytheon Cyber, reminds people that we’re likely to see more hostile cyber activity during this Olympiad than we did during the Rio games, and that this is simply a natural result of the increased coordination and logistics that take place online. “It’s natural to assume that more individuals and more individuals tied to these games will be targeted this year,” he said.
He recommends good cyber hygiene, by which he means, first, solid user training and awareness, and, second, configuring systems for resilience in the face of attack. In the case of the Olympics, “People involved with the games should know that they will be targeted. Everyone involved should be aware of the threats.”
We have some new Olympics and Bitcoin Phishing Templates for KnowBe4 customers. The categories and titles are below:
Based Blockchain Network