Geeks for your information Security Security Vendors Avast Avast Blog News and Info v
Avast_Security_News: Phishing scams are taking advantage of crypto hype
Avast_Security_News: Phishing scams are taking advantage of crypto hype
harlan4096 Online
MalWare Zoo Team
*******
Posts: 13,816
Threads: 9,256
Thanks Received: 8,903 in 7,082 posts
Thanks Given: 9,584
Joined: 12 September 18
#1
Information  15 July 21, 08:08
Quote:
[Image: crypto-scams.jpg]

Wherever cryptocurrency is growing in popularity, crypto-based scams are not far behind

Since the beginning of 2021, there’s been a rise in the prevalence of crypto-related phishing sites in certain parts of the world. The rise of these fraudulent sites is higher in countries where cryptocurrency adoption is most prevalent. The United States, Brazil and Nigeria are the biggest targets for these crypto scams, with notable levels of scams also in the UK, France, Russia and India. 

In our latest research, Avast Threat Labs have monitored a selection of 37 samples. The majority of these sites pose as legitimate custodial wallets (more on those below). The global heatmap below shows where around the world users visited crypto-related phishing sites in the first six months of this year.

Peter Kovac, senior researcher at Avast, said, “The crypto market is surging right now. Bitcoin has been given a boost following recent news from El Salvador that it will be recognized as legal tender in the country - with other countries in the region tipped to follow suit.”

“This surge in Bitcoin is having a knock-on effect across the wider crypto space and some analysts are even predicting that 2021 will be a record-breaking year for cryptocurrencies. However, as it has grown in popularity, it has also grown as a more lucrative target for hackers — and our researchers have found the levels of crypto-related scams are most prevalent in regions where cryptocurrencies are gaining popularity.”

Given its growing popularity, we’re here to provide advice on how to store cryptocurrencies, keep your funds safe, and spot scams. 

How to (safely) store your cryptocurrency

There are several storage methods and crypto wallets that you can deploy to securely store your cryptocurrency. Each has its own advantages and potential security pitfalls. 

Custodial wallets

With a custodial wallet, cryptocurrencies are managed by some other entity, like a cryptocurrency exchange (think Binance) or another similar service. A custodial wallet works like a traditional bank account, where you can log in and manage your funds. 
  • The advantages: The burden of securing funds is partially offloaded to the service provider, providing you with guarantees and insurance (to a certain extent).

  • The risks: If the service goes bankrupt or is fraudulent, it could lose some or all funds. If this happens, you’re at the mercy of the service provider, and they may limit your access to your money.

  • Relevant threats: It’s vital that you view their crypto account like any other form of online banking, with the same threats and vulnerabilities facing it, without the same protections and insurances that they have with traditional banks. As we’ve already mentioned, phishing is one of the biggest threats facing custodial wallets, with fake websites impersonating exchanges and services designed to steal your credentials and funds popping up left and right.
Software wallets

Software wallets are applications that manage your private keys and allow you to make transactions directly. 
  • The advantages: Software wallets are designed to be very convenient and easy to use. As a non-custodial wallet, you have complete control over their funds.

  • The risks: The device the software wallet is stored on will be the single point of failure. If a device with the app is hacked, stolen or even damaged, you could permanently lose access to your funds. 

  • Relevant threats: Besides the physical risks, ransomware encrypting the device and data stored on it (and demanding a ransom payment to unlock said device and data) poses a major threat. Trojans spying on your data, and backdoors letting intruders into the device, also pose a huge risk to software wallets. 
Paper & brain wallets

Paper or “brain” wallets are the most simple solution for storing your credentials, but they’re also the most error prone. 
  • The advantages: Put simply, the advantages of paper and brain wallets are their simplicity, lack of cost, and the fact that they’re not susceptible to hacking or other computer threats.

  • The risks: If something happens to the paper, such as damage or theft (or, if you happen to forget where you have it stored away), you risk losing all of your funds.

  • Relevant threats: There will be no backup in case of loss of paper or memory. Once it’s gone, it’s gone for good. 
Hardware wallets

Hardware wallets are a separate physical device, such as a USB drive, that acts as the wallet. These wallets also come with a “recovery sheet” with the private key written on a piece of paper (or carved into steel to withstand fire and other forms of physical damage). 
  • The advantages: Hardware wallets are especially designed to prevent hacking. Only very select, skilled individuals have shown the ability to crack a hardware wallet after having long-term physical access to it.

  • The risks: As with any physical device, losing it would be one of the biggest risks. However, if you’re using it according to the best practices by having a secure safety pin/password, it’s a fairly secure option. While not necessarily a risk, hardware wallets can be expensive, with associated safekeeping costs.

  • Relevant threats: Providing you follow best practices, the threats are minimal. Most hardware wallets require several checks before they allow people to send money. These happen on the device and private keys never leave that device.
How to keep cryptocurrency safe

Crypto scams can come in many forms online, from “crypto giveaways by Elon Musk” to “we will invest your money for you with XYZ% gains every month”. The bottom line? If it sounds too good to be true, then it probably is. Use your best judgement. In addition to that:

Watch out for unsolicited private messages: Whether they’re on WhatsApp, Telegram, or any other social media forum, you should immediately block any unsolicited message that may be fraud. For example, if a message comes from an unknown number or one of your contacts yet looks unusual or suspiciously urgent, keep in mind that your contact’s phone might have been hacked. In these cases, it’s best for you to reach out to the person in question by calling them and make sure they really did send you the message before taking any further action. Even if the message is unrelated to crypto, the intention can still be to spy on your data. 

Be aware of mobile phishing: Hackers are increasingly targeting victims on their mobile devices in order to steal crypto credentials. These social engineering attacks can come from anywhere on a mobile device, including texts, social media, third-party messaging platforms or email. Beyond phishing, malicious mobile apps are also on the rise that have the hidden ability to log keystrokes and spy the activity on people’s screens. To prevent phishing attacks, you can use Avast Secure Browser, which offers an anti-phishing feature that blocks dangerous websites on desktop and Android devices.
...
Continue Reading
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Find out if an USB device is fake with f...
Fake USB devices c...harlan4096 — 08:47
Windows 11 KB5048685 Update causes Wi-Fi...
The KB5048685 Upda...harlan4096 — 12:36
Windows 11: issue may prevent further in...
The latest version...harlan4096 — 08:47
Notepad++ v8.7.5 (2024-12-25)
Notepad++ v8.7.5 (...harlan4096 — 08:16
AdGuard for Mac 2.16.2
AdGuard for Mac 2....harlan4096 — 08:13

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>