UK financial regulator warns of fraudsters posing as Blockchain.com
The financial conduct authority (FCA) has raised the alarm about fraudsters who want to lure the public with a cloned version Blockchain.com, a cryptocurrency wallet and trading company.
Scammers use the brand to cheat
Scammers in the crypto space have become sophisticated, creating fake companies with dozens of websites, fake social media accounts, and a 24-hour customer support service.
In July, Whale Alert reported that the scammers “worked tirelessly” as they stole only $ 24 million worth of Bitcoin In the first half of 2020. A leading provider of blockchain tracking and Analytics noted that this growth was driven by increased aggressiveness and professionalism. Fraud is rampant, starting with sending emails with malware and sextortion.
Cloning Blockchain.com, the scammers intend to lure the unsuspecting public into their trap. The FCA warned:
“Hackers use information about firms that we authorize to convince people that they work for a real, authorized company”.
The financial observer stated that Blockchain.com and Blockchain Ltd is not the same thing, and it was a method used by criminals to deceive non-observant people who can’t notice the difference. The report states:
“Keep in mind that fraudsters may give out other false information or mix it with some correct information about a registered company. Over time, they may change their contact details to new email addresses, phone numbers, or physical addresses.”
Phishing attack targets Ledger wallet
Customers of Ledger, a hardware wallet for cryptocurrencies, were also previously subjected to a phishing attack under the guise of an email from the support service.
The fake email allegedly informs users that their assets in Ledger may be compromised. It says: “Our forensic team found that several Ledger Live administrative servers were infected with malware.”
This statement is false. Although the email form looks professional, this is a phishing attempt to steal customer data.
The message is so convincing that even cautious users can be deceived. Ledger confirmed that the attack was aimed at customers of the cryptocurrency wallet.
The roots of phishing attacks
In July, the Ledger team discovered that an API key associated with their e-Commerce and marketing database had been hacked and the database was accessed by an unauthorized third party. Database details (mostly email addresses) were used to send order confirmations and promotional emails.
In a blog post revealing the hack, the team emphasized that users ‘ payment information and crypto funds are secure.
A key sign of any phishing email is a slight misspelling of the real address or URL. In this case, it was incorrectly written “ledger.com”.
Phishing attacks are common, and attackers are becoming more sophisticated, creating emails that resemble official company correspondence. They rely on a person making a mistake and clicking on a link that could compromise their security.
In September, the European Union (EU) Parliament said it was considering setting up a restitution Fund for victims of crypto fraud after a consortium of individuals, organizations and companies filed a petition. The purpose of the petition was to create a compensation fund for victims of crypto fraud.