With the proliferation and increasing sophistication of cryptocurrency scams and phishing attempts, businesses and individuals need to be on guard. What to do if you spot a scam?
Across the media, precious column inches are regularly devoted to ransomware attacks, romance scams and credit card fraud. But there’s one type of cybercrime that’s more common than all three of these combined: phishing. And, as its value rises, phishing utilizing bitcoin and crypto has unfortunately become even more commonplace.
Opportunistic fraudsters are continually looking for ways to part businesses and consumers with their hard-earned funds. Phishing websites – where false pages that mimic those operated by legitimate companies – are one of them. While some are poorly made and attempt to deceive those with little technical knowhow, others are alarmingly advanced… and sometimes, it can be near impossible to tell them apart.
Data suggests the number of unique phishing websites has been steadily rising in recent years. While 146,994 were detected in the second quarter of last year, this surged to 571,764 just three months later. A whopping 637,302 sites were identified in the final quarter of 2020, with 611,877 found between January and March 2021.
The coronavirus pandemic has contributed to a substantial rise in scam websites, and even the world’s biggest companies aren’t safe. In September – when Apple was holding a launch event for its iPhone 13 range – fraudsters built a site to dupe those looking for a livestream of the announcement. The dodgy page featured old interviews of Tim Cook, the tech giant’s CEO. And inevitably, it also displayed a classic Bitcoin giveaway scam – promising users who sent crypto to a specific address that they would get twice as much back.
Coinbase, one of the biggest exchanges in the world by market volume, and considered one of the most secure, reported that in September 2021 around 6000 customers were victims of a scam. Bad actors gained access to accounts via an SMS account recovery process exploitation, and transferred funds to crypto wallets not associated with Coinbase.
Indeed, Crystal Blockchain also has experience of being mimicked. Our logo was illegally used on a website recently, and we took action to ensure people weren’t deceived.
It’s a scary world out there. But thankfully, there are ways to beat the scammers at their own game. It’s all about due diligence – and taking a little extra time to make sure you’re in the right place. Following these steps may seem arduous at first, but they could protect your personal information and your balance in the long run.
So: let’s imagine that you’ve inadvertently arrived at a website that claims to be the official portal for a large company. What are the signs to look out for that someone is trying to pull the wool over your eyes?
We’re all accustomed to logging in to accounts – sometimes without giving things a second thought. Usernames and passwords are the most common combination, and the consequences of handing this over to a scammer can be severe. However, scammers may also try to solicit other forms of information from you – including security details you’d never normally be asked for. Think twice before accepting this as a normal procedure.
Sometimes, it’s easy to feel stupid when you’re asking questions to verify a website’s authenticity. But this is far better than feeling stupid after you’ve been successfully targeted by a scammer.
Always consider getting advice from a professional when contemplating investment choices – especially if you’ve come across an opportunity on a website you’ve never heard of. Scammers will often promise high returns over a relatively short period of time, and more often than not, what they’re offering is fraudulent.
The old adage of “there’s no such thing as a free lunch” applies here. If something seems too good to be true, it probably is. There have been too many incidents where someone’s judgment has been clouded by the prospect of quick riches and untold wealth – and as a result, accounts have been siphoned of their life savings.
But here’s the gut-wrenching thing: many malicious actors won’t give targeting you a second thought. After all, some ransomware groups have even been known to deliberately cripple the infrastructure of hospitals during the pandemic.
All of this logic should also apply to the links that you may come across in emails and conversations on social media you have with your friends and family. A friendly message from a loved one, recommending that you visit a certain site, may actually lead to something more nefarious – and their account could be compromised.
Unfortunately, there’s little doubt that this is a problem that’s getting worse. In September 2021, the UK’s Financial Ombudsman Service revealed that it has seen a “dramatic rise” in complaints about fraud and scams. Between April and June, the number of cases investigated was 66% higher than the same period a year earlier.
And here’s the problem: the number of scam websites and ransomware crimes that attempt to swindle cryptocurrency out of victims is also on the rise.
Now, Crystal Blockchain has officially launched Investigation Services – a dedicated department headed up by Scott Pounder. He has more than 16 years of law enforcement experience and has played an instrumental role in taking down websites that had links to money laundering, fraud and scams.
When businesses are affected by crypto-related scams, they now have a destination where they can turn to for help – even if retrieving lost funds may seem impossible in the world of digital assets. Given how we cover 98% of coins, our tools can identify the flow of transactions that may have been lost in one of these incidents.
Crystal is also making it more difficult to hide in the world of decentralized finance too, where accounts can be established without Know Your Customer checks. We’re now proud to offer 80% coverage across the market volume of DeFi protocols.
As the number of scam and scam websites continues to rise, ensuring you’re protected against the dangers they pose has never been more important.
If you have questions related to potential fraud, scamming or phishing attempts on you or your business – and what to do next – contact firstname.lastname@example.org