This new advance fee fraud scheme was discovered by researchers. Proof point, Sends low-volume email campaigns and uses advanced social engineering to deceive bitcoin victims.
The scheme itself provides unsuspecting users with credentials of an alleged bitcoin investment platform and then lures victims with the promise of withdrawing millions of dollars worth of cryptocurrency from an account already established on the platform.
Although like other traditional advance fee fraud schemes, these new campaigns are far more sophisticated from a technical point of view and are fully automated. They also require a lot of victim communication as a victim needs to log in to the platform first and create an account on it so that an attempt can be made to withdraw any corrupt currency.
In a new Blog postProof Point highlights the fact that the use of cryptocurrency is significant because it does not reveal the names of both the attacker and the victim. Potential victims can be lured into how to get the money anonymously and are tax free because it is in bitcoin.
Details of your bitcoin.
Proofpoint researchers tracked the first of these expeditions in May using a 45 coin.[.]com Landing page The latest version, meanwhile, launched in July and provided safe coins to potential victims.[.]Net
According to the cybersecurity firm, each email campaign is sent to tens to hundreds of recipients anywhere in the world. However, emails from the same campaign contain the same credentials for all recipients, and it appears that more than one person can log in with the same user ID and password if they have different IP addresses and Login with browser. Once a potential victim changes passwords and adds a phone number, the account becomes unique and victims see no sign of other victims’ activities.
Users creating accounts for fake cryptocurrency platforms will see that they have 28.85 BTC. Bitcoin wallet. To withdraw this amount from their wallet, the victim first needs to transfer 0.0001 BTC to ensure that everything works to their liking. After successfully doing so, the victims found out that the minimum withdrawal amount was 29,029 BTC and they would have to add funds to be able to withdraw the full amount. However, even if they add the necessary funds, they will not be able to withdraw all their bitcoins from their account on the platform.
As with other email fraud campaigns, users should be wary of any emails from unknown senders that promise them financial incentives. Although ProofPoint has identified and highlighted many of these campaigns, the firm’s researchers believe that responsible cybercriminals will continue to develop strategies for future campaigns.