A lot of tech-oriented people have considered getting into the crypto world at some point, either by investing in established or promising tokens or simply by mining their own coins, especially when you could simply use the excess processing power of your computer for mining.
And even if you ultimately didn’t jump on the crypto train, just considering that possibility might get you into trouble later down the road.
That’s because crypto scammers are trying to trick people into thinking that they actually registered on an online Bitcoin mining platform back then. They are sending phishing e-mails claiming that the user registered for an online Bitcoin mining platform 364 days ago and hasn’t used the service ever since.
The scammers then say that due to this inactivity, the account will be closed in 24 hours, a year after the alleged registration.
What is the lure? A fake five-digit balance on the fictional account, allegedly gathered by an automatic cloud Bitcoin mining system using your own linked computer.
This type of online fraud is not completely new. Like many other scams, it has been running for months. Neowin got to see several such phishing e-mails: the subjects and e-mail bodies differ a little over time, but they have one thing in common – the text wants you to download and open an attached PDF file.
Now, for an experienced internet user, that is a clear red flag. However, not so much for everyone else. Needless to say, by opening a suspicious file from an unknown sender you are literally asking for trouble.
Neowin has run a few of these malicious files through online analysis tools, and the results have varied a lot. Some of the files looked like they were hiding their real contents to avoid detection by antivirus software; some seemed to have the ability to communicate with remote command servers and to drop files onto your computer. A possibility of a ransomware attack, encrypting your precious data and asking you to pay for it, was also detected.
But mostly the files greeted you with a colorful message, slightly more detailed information, and a URL where you are supposed to withdraw your fictional money.
It’s the exact type of scheme that security firm Kaspersky had investigated some months ago. The modus operandi? Online scammers want you first to log in to your (yes – non-existent) account where you will see a history of fake transactions.
When you try to withdraw the funds, you will be connected with an agent via online chat. Now things get tricky because the agent asks you to fill in a form containing personal data, including the number of your payment card.
Then comes the payout – but not for you, though. You are instructed to pay a relatively small conversion fee to turn your fictional crypto into real dollars. Essentially, you are promised big money for a small upfront payment, a popular practice among scammers.
If you pay the fee, you will hear no more from the fraudsters. And the fee might not be the only money you lose. Do not think that the scammers won’t try to use the card number you gave them just a moment ago.
And on top of it all, the aforementioned PDF file could still potentially contain malicious code for later execution, for example, to run a ransomware attack in an attempt to strip you of more money.
You might think that nobody buys such an obvious, amateurish-looking phishing attempt. But don’t forget that scammers are not expecting high turnover rates. They only need a fraction of recipients to believe that the communication is legitimate.
And the stuffed account doesn’t sound as ridiculous when you consider that a single Bitcoin now costs over $40,000. An inexperienced user can conclude that the scenario is real.
So, what to look for when you receive a suspicious e-mail? First of all, take a closer look at the sender’s address. It is usually gibberish or something that doesn’t sound like a legitimate service at all.
The communication is often poorly written and full of mistakes. In this particular case, there was not even a mention of the platform’s name.
Also, look for inconsistencies, for example in the deadline for withdrawal. In one place the hackers urge you to do it within 24 hours, then it is 48 hours, then less than 24 again...
A legitimate business is unlikely to send you instructions in a shady PDF file. You will either get the necessary information right in the e-mail body or through the official website of the service.
And the most important advice – never give your sensitive information and card number to an unknown service, no matter how hard they try to convince you that you are their client.
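For anyone triaging reported mail, the red flags above can be checked mechanically. The following is an added example, not code from Neowin or Kaspersky: the sample message is constructed, and the gibberish-sender heuristic and flag names are assumptions chosen for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not a real captured e-mail).
SAMPLE = """\
From: Support <xk7qz9wv2b@mail-q8r1.example>
Subject: Your account will be closed in 24 hours
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

You registered 364 days ago. Withdraw your balance within 24 hours.
Details are in the attached file. You have 48 hours left.
--b1
Content-Type: application/pdf; name="statement.pdf"
Content-Disposition: attachment; filename="statement.pdf"
Content-Transfer-Encoding: base64

JVBERi0xLjQK
--b1--
"""

def looks_random(local_part):
    """Crude gibberish heuristic (assumption): digits mixed in, few vowels."""
    letters = [c for c in local_part.lower() if c.isalpha()]
    vowels = sum(c in "aeiou" for c in letters)
    has_digit = any(c.isdigit() for c in local_part)
    return has_digit and len(letters) >= 4 and vowels / len(letters) < 0.2

def triage(raw):
    """Return the list of red flags from the article found in one message."""
    msg = message_from_string(raw)
    flags = []
    _, addr = parseaddr(msg.get("From", ""))
    if looks_random(addr.split("@")[0]):
        flags.append("gibberish-sender")
    text = msg.get("Subject", "")
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if part.get_content_type() == "application/pdf" or name.endswith(".pdf"):
            flags.append("pdf-attachment")
        elif part.get_content_type() == "text/plain":
            text += "\n" + part.get_payload(decode=True).decode("utf-8", "replace")
    # The article notes the withdrawal deadline changing within one message.
    deadlines = set(re.findall(r"(\d+)\s*hours", text, re.I))
    if len(deadlines) > 1:
        flags.append("inconsistent-deadline")
    return flags
```

Calling `triage(SAMPLE)` returns all three flags; a message that raises none of them is not thereby proven safe, since the checks cover only the indicators listed here.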