Maryland Police Warn Gmail Users of Phishing Scam Demanding Bitcoin

September 20, 2024 Bitcoin.com

Coinbase rolls out crypto transfers via links sent on WhatsApp, Telegram

December 5, 2023 Coin Telegraph

Recipients need to download a Coinbase Wallet to receive the funds, but the crypto exchange says they’ve simplified the process for less tech-savvy users.

A new feature from Coinbase Wallet allows for the transfer of crypto through a link that can be sent through some of the most popular social media sites and messaging apps as the crypto exchange looks to make its service accessible to a wider market.

“Users can now send money on any platform that they can share a link,” Coinbase said in a Dec.

There’s no payment fee when sending USD Coin (USDC), a U.S.

Send money anywhere you can send a link.

Easily. For free.

⤷ https://t.co/CKyLu1wYEw pic.twitter.com/XX9YaZZEPm
— Coinbase Wallet ️ (@CoinbaseWallet) December 5, 2023

Clicking the link will take the recipient to their device’s app store to download Coinbase Wallet — if not already downloaded — where they can create a wallet in one click, Coinbase noted.

If the funds aren’t claimed within two weeks, they will be returned to the sender.

Coinbase also made a “simple mode” for its wallet to help new and less savvy tech users which only shows basic functions like buying, sending, receiving and viewing assets.

Nansen phishing emails flood crypto investors’ inboxes

November 24, 2023 Coin Telegraph

Coin Telegraph

On Sept. 22, one of Nansen’s third-party vendors suffered a security breach, which exposed the email addresses of 7% of the system’s users.

Numerous users of the crypto analytics platform Nansen have received phishing emails from scammers pitching an “exclusive opportunity” to participate in the fictitious “Nansen Airdrop.”

On Nov. 23, crypto community members on X (formerly Twitter) flagged an ongoing phishing campaign targeting Nansen users. The scammers are impersonating Nansen and sending fake invitations to an exclusive airdrop event.

Cointelegraph confirmed the hack from crypto investigator Officer’s Notes (Officercia), who initially warned the community about the ongoing attack. He suspects that user data from a previous third-party database leak is being used to target Nansen users.

On Sept. 22, one of Nansen’s third-party vendors suffered a security breach, which affected nearly 7% of the system’s users. The users affected by the breach reportedly had their email addresses exposed, along with some password hashes, and several had their blockchain addresses compromised. At the time, Nansen claimed it would identify and inform those affected and ask them all to change their passwords. It also clarified that wallet funds were unaffected by the event.

*Nansen phishing email. Source: @offiercia (X)*

The screenshot of the Nansen phishing email shared with Cointelegraph shows the sender was “mail@networkforgood.com,” an email address completely unrelated to the original analytics platform.

It said that for the next 48 hours, users could claim a guaranteed allocated amount of fake NANSEN tokens. The scammers attached a link to the email, which would redirect users to a potentially rigged website.

Officercia advises reporting suspected phishing links to databases such as chainabuse.com, cryptoscamdb.org and phishtank.org, which help the internet community reduce the success rates of such attacks.

Nansen has not responded to Cointelegraph’s request for comment.

Even more crypto investors are potential phishing targets after user data from TrueCoin and FTX bankruptcy claims, among others, was leaked recently.

This is just someone scraping our public API that shows the association between public wallet addresses and public Twitter usernames.

It’s like saying someone hacked you by looking at your public Twitter feed.

Irresponsible reporting from @TheBlock_ and @vishal4c https://t.co/GIXOWazqBk
— friend.tech (@friendtech) August 21, 2023

However, Friend.tech recently denied claims that its database of over 100,000 users was leaked. “It’s like saying someone hacked you by looking at your public Twitter feed,” explained the Friend.tech team, clarifying that the information came from scraping its public API.

Magazine: This is your brain on crypto: Substance abuse grows among crypto traders

OpenSea NFT users report massive email phishing campaign

November 15, 2023 Coin Telegraph

Coin Telegraph

OpenSea users have reportedly been targeted with a widespread email phishing campaign, including a fake developer API risk alert and a fake NFT offer.

Users of the major nonfungible token (NFT) marketplace OpenSea have said they are being targeted with a new email phishing attack, and have received emails containing malicious links from attackers posing as the marketplace itself.

According to social media reports, OpenSea users and developers have been targeted by various email phishing campaigns, including a fake developer account risk alert and a fake NFT offer.

One OpenSea developer took to X (formerly Twitter) on Nov. 13 to report receiving a phishing attempt to an email strictly dedicated to their OpenSea Application Programming Interface (API) key. “In other words, dev contacts have been exfiltrated from OpenSea and are the real target in this campaign,” the poster said.

The social media report came in response to OpenSea's insistence that the platform has not been hacked and urging users not to click on links they don’t trust.

Correct- there is no smart contract vuln. But unfortunately for @opensea I just received a phishing attempt, to an email that was strictly dedicated to my OpenSea API key. In other words, dev contacts have been exfiltrated from OpenSea and are the real target in this campaign https://t.co/GD4UgwWIrx pic.twitter.com/rtyUJBMlwl
— Quantity (@quantity) November 13, 2023

Another OpenSea user took to Reddit to express confusion about the ongoing phishing campaign on Nov. 14.

“Haven't used OpenSea for years and all of a sudden, I keep getting emails talking about my NFT listings getting offers,” the poster wrote, adding that all the vulnerable links were trying to direct the reader to install a malicious app.

“Right now I'm getting 3-4 scam/phishing emails a day which is crazy since I got zero just a few weeks ago,” the Redditor wrote, adding:

“So my question is did something new happen to OpenSea. The email address of mine they are hitting is one I created specifically for OpenSea so not concerned but I know OpenSea had hacks previously. Are they just now hitting up my email or is there a new one?”

The news comes a few weeks after one of OpenSea’s third-party vendors experienced a security incident that exposed information related to user API keys. OpenSea reported the breach in a notification email to affected users in late September 2023, stating that user emails and developer API keys may have been leaked due to the attack.

Choose your third party well…
Opensea posted that a vendor was attacked, resulting in the leak of developers' API keys!
Get advice from a professional security consultant about the safety of the third party before choosing. E.g. @SlowMist_Team pic.twitter.com/jcBJ9IaAEN
— 23pds (@IM_23pds) September 23, 2023

OpenSea users have received phishing emails previously. In February 2022, OpenSea officially confirmed that its platform faced a phishing attack from outside the OpenSea website and urged users to stay away from clicking on any links in the emails. The firm was also investigating rumors of an exploit associated with OpenSea-related smart contracts.

OpenSea did not immediately respond to Cointelegraph’s request for comment.

This latest phishing campaign is happening just after OpenSea laid off 50% of its staff, with the stated intention of launching OpenSea 2.0 with a smaller team.

This attack is yet another reminder for the cryptocurrency community to stay vigilant when receiving emails from service providers. To avoid a phishing hack, users should be cautious of the email sender’s authenticity and the associated links. Users should also remember that crypto firms never ask their users for personal data like wallet addresses or private keys.

Magazine: How to protect your crypto in a volatile market — Bitcoin OGs and experts weigh in

Crypto wallet Trezor looks into phishing campaign, exec says

October 27, 2023 Coin Telegraph

Coin Telegraph

Trezor’s brand ambassador Josef Tetek emphasized that the hardware wallet firm never asks for users’ recovery seed, PIN or passphrase.

Cryptocurrency hardware wallet provider Trezor is investigating a recent phishing campaign, as users have reported receiving phishing emails.

The anonymous blockchain sleuth ZachXBT took to his Telegram channel on Oct. 26 to alert users to a phishing attack targeting Trezor customers.

ZachXBT referred to an X (formerly Twitter) post from the account JHDN, which alleged that Trezor may have been breached after receiving phishing emails on the email account used specifically for buying the wallet.

In a similar manner to some Trezor-related phishing attacks in the past, the phishing email invites users to download the “latest firmware update” to users’ Trezor devices in order to “fix an issue in software.” According to the poster, the malicious email was sent from the email amministrazione@sideagroup.com.

It looks like Trezor may have been breached? @Trezor @zachxbt #Trezor pic.twitter.com/4lmjZE1Quk
— j (@JHDN) October 26, 2023

“Be careful this person just received a phishing email to the email address associated with their Trezor purchase,” ZachXBT wrote, adding that the social media report could point to a potential data breach for Trezor or Evri, the United Kingdom delivery company that ships Trezor devices.

ZachXBT mentioned that two other people on Reddit complained about the same Trezor phishing email today.

According to Trezor’s brand ambassador Josef Tetek, the firm is aware of the ongoing phishing campaign and is actively looking into it.

“We continuously report fake websites, contact domain registrars, and educate and warn our customers of known risks,” Tetek said, referring to multiple articles aiming to help users deal with phishing attacks. One such article says that phishing emails often redirect to download a Trezor Suite lookalike app that will ask users to connect their wallet and enter their seed.

“The seed is compromised once you enter it into the app, and your funds will then be immediately transferred to the attacker's wallet,” the page reads.

Tetek emphasized that Trezor never asks for users’ recovery seed, PIN, or passphrase, adding:

“Users should never enter their recovery seed directly into any website, or mobile app or type it into a computer. The only safe way to work with the recovery seed is as per the instructions shown on a connected Trezor hardware wallet.”

Cryptocurrency investors have been suffering from multiple phishing attacks despite many efforts to curb such scams. In September, a large crypto investor reportedly fell victim to a massive phishing campaign, losing $24 million worth in crypto assets. According to some cybersecurity reports, the number of cryptocurrency phishing attacks saw a 40% increase in 2022.

Additional reporting by Cointelegraph author Felix Ng.

Magazine: How to protect your crypto in a volatile market — Bitcoin OGs and experts weigh in

Friend.tech adds new security upgrade in wake of SIM-swap attacks

October 10, 2023 Coin Telegraph

2FA

The 2FA security measure is optional for Friend.tech users seeking additional security on the platform.

The team behind the decentralized social media platform Friend.tech has added a new security feature amid attempts to stem a flood of SIM-swap attacks targeting its users.

“You can now add a 2FA password to your Friend.tech account for additional protection if your cell carrier or email service becomes compromised,” the team explained in an Oct. 9 post on X (formerly Twitter).

Friend.tech users will be prompted to add another password in when signing onto new devices.

“Neither the friendtech nor Privy teams can reset these passwords, so please use care when using this feature,” Friend.tech added.

You can now add a 2FA password to your https://t.co/YOHabcBL3H account for additional protection if your cell carrier or email service becomes compromised.

Neither the friendtech nor Privy teams can reset these passwords, so please use care when using this feature pic.twitter.com/g0m2E4att2
— friend.tech (@friendtech) October 9, 2023

The latest change follows several SIM-swap attacks targeting Friend.tech users since September.

On Sept. 30, froggie.eth was among the first in a string of Friend.tech users to be compromised by a SIM-swap attack, urging others to stay vigilant.

got swim swapped for 20+ ETH (they drained my https://t.co/xb5o31p3Yy)... stay vigilant out there bros

set a PIN on your sim even if you don't think you need to
— froggie.eth (@brypto_) September 30, 2023

More Friend.tech users came forward with similar stories in the following days with an estimated 109 Ether (ETH), worth around $172,000, stolen from four users within a week. Another four users were targeted over a 24-hour period just days later, with another $385,000 worth of Ether stolen.

Friend.tech had already updated its security once on Oct. 4 to allow users to add or remove various login methods in an attempt to mitigate the risk of SIM-swap exploits.

Several observers criticized Friend.tech for not implementing the solution sooner.

“Finally,” one user said, while another said: “took you long enough.”

However, a prominent creator on Friend.tech, 0xCaptainLevi, was more optimistic, stressing that 2FA is a “big deal” and can help push the social media platform to unseen heights:

2FA is a big deal. Road to $100M TVL never seemed brighter❤️‍ https://t.co/bxd3V3M3mx
— Levi ⚡️ (@0xCaptainLevi) October 10, 2023

In an Oct. 8 X thread, Blockworks founder Jason Yanowitz revealed one of the ways the SIM-swap attacks are being orchestrated. The process involves a text message that asks the user for a number change request, where users can reply with “YES” to approve the change or “NO” to decline it.

If the user responds with “NO” — the user is then sent a real verification code from Friend.tech and is prompted to send the code to the scammer’s number.

“If we do not hear a response within 2 hours, the change will proceed as requested,” a follow-up message shows.

"In reality, if I sent the code, my account would get wiped," he said.

Someone is trying to hack my @friendtech

1) Text sent saying they’re changing my number

2) I respond no

3) They say to confirm no, send the verification code

4) Receive actual verification code from friend tech

5) After no response, they text again saying they’ll auto… pic.twitter.com/j76vI969jP
— Yano (@JasonYanowitz) October 8, 2023

The total value locked on Friend.tech currently sits at $43.9 million, down 15.5% from its all-time high of $52 million on Oct. 2, according to DefiLlama.

*Change in total value locked on Friend.tech since Aug. 10. Source: DefiLlama.*

Cointelegraph reached out to Friend.tech for comment but did not receive an immediate response.

Magazine: Blockchain detectives — Mt. Gox collapse saw birth of Chainalysis

MicroStrategy’s Saylor fuses work email address with Bitcoin Lightning

April 18, 2023 Coin Telegraph

Base Fee

Fans of the Bitcoin bull have been transferring him 21 Satoshis as a way to test out the feature.

The Bitcoin (BTC) Lightning Network has integrated into the corporate email address of Michael Saylor, a Bitcoin bull and co-founder of business intelligence software firm MicroStrategy.

In an April 17 tweet, the former chief executive of the firm shared a screenshot with his 3 million Twitter followers of a few transactions sent to “saylor@microstrategy.com” from others in the form of Satoshis or “Sats” — the smallest denomination of Bitcoin.

So @MicroStrategy converted my corporate email address into a #Lightning⚡️ address and people keep sending me 21 sats... pic.twitter.com/FHde6RtA6N
— Michael Saylor⚡️ (@saylor) April 17, 2023

MicroStrategy’s integration is enabled by the Lightning Address protocol, which allows users to link an “Internet Identifier” like an email address rather than having to copy wallet addresses or use QR codes.

It is unclear if MicroStrategy integrated the feature into all corporate emails at the firm.

The Lightning Network is a popular Bitcoin layer 2 scaling solution, which is capable of processing 1 million transactions per second (TPS) for a base fee of 1 Satoshi, or around four cents.

Integrating payment systems and upgrading business models based on #Bitcoin & #Lightning⚡️ is a great way to reduce dependence on Big Tech, Big Banking, and Big Advertising. Lightning is an open, ethical, scalable way to move money everywhere on earth, without gatekeepers.
— Michael Saylor⚡️ (@saylor) November 29, 2022

Saylor, who now serves as executive chairman at the firm, has been the mastermind behind MicroStrategy’s Bitcoin investment strategy that aims to strengthen the firm’s balance sheet.

MicroStrategy has spent $4.17 billion to accumulate 140,000 BTC since the company began buying in March 2021. The firm’s average purchase price is $29,800 according to data from Buy Bitcoin Worldwide.

With the price of Bitcoin currently sitting at $29,400, MicroStrategy is down a mere 1.3% on its total investment.

However, the firm was in the green again for a short period of time last week when Bitcoin broke through the $30,000 mark.

Cointelegraph contacted MicroStrategy for comment on its plans to integrate the Lightning Network in more of its corporate email addresses but did not receive an immediate response.

Magazine: Bitcoin in Senegal: Why is this African country using BTC?

Scam alert: Trezor warns users of new phishing attack

March 2, 2023 Coin Telegraph

Coin Telegraph

The new active phishing attack is trying to steal Trezor users’ crypto by tricking investors into entering their recovery phrase on a fake Trezor site.

Hardware cryptocurrency wallet provider Trezor has warned its users about a new phishing attack targeting their crypto investments by trying to steal their private keys.

Trezor took to Twitter on Feb. 28 to caution users about an active phishing attack designed to steal investors’ money by making them enter the wallet’s recovery phrase on a fake Trezor website.

The phishing campaign involves attackers posing as Trezor and contacting victims via phone calls, texts or emails claiming that there has been a security breach or suspicious activity on their Trezor account.

“Trezor Suite has recently endured a security breach, assume all your assets are vulnerable,” the fake message reads, inviting users to follow a phishing link to “secure” their Trezor device.

“Please ignore these messages as they are not from Trezor,” Trezor declared on Twitter, emphasizing that the firm will never contact its customers via calls or SMS. The firm added that Trezor has not found any evidence of a database breach.

*A fake SMS from scammers posing as Trezor. Source: Twitter*

According to online reports, the latest phishing attack against Trezor customers was launched on Feb. 27, with users being directed to a domain asking to enter their recovery seed. The domain provides a perfectly-made fake Trezor website that prompts users to start securing their wallet by clicking the “Start” button.

*A screenshot from a phishing domain copying Trezor’s website. Source: Bleeping Computer*

After clicking the “Start” button, users will be asked to provide the recovery phrase for their cryptocurrency wallet.

The wallet’s recovery phrase, also known as private keys, is the most important part of self-custody, or “being your own bank” by keeping your crypto on a software or hardware non-custodial wallet. The safety of the recovery phrase is way more important than keeping the hardware wallet safe, and once the private keys are stolen, it means that crypto holdings no longer belong to their original owner.

The news came shortly after metaverse firm The Sandbox suffered a data breach on Feb. 26, that resulted in a phishing email sent to users.

The latest phishing attack against Trezor customers is not the first scam of such kind. Trezor wallets were also targeted with phishing attacks in April 2022, with attackers contacting Trezor users posing as the company, asking them to download a fake Trezor app.

Such attacks are not exclusive to Trezor though. In 2020, rival hardware wallet firm Ledger suffered a massive data breach, with attackers publicly exposing personal information of more than 270,000 Ledger customers.

MetaMask issues scam alert as NameCheap hacker sends unauthorized emails

February 13, 2023 Coin Telegraph

Coin Telegraph

Web hosting company NameCheap detected the misuse of one of its third-party services for sending some unauthorized emails — which directly targeted MetaMask users.

Popular crypto wallet provider MetaMask warned investors against ongoing phishing attempts by scammers attempting to contact users through NameCheap’s third-party upstream system for emails.

On the evening of Feb. 12, web hosting company NameCheap detected the misuse of one of its third-party services for sending some unauthorized emails — which directly targeted MetaMask users. Namecheap described the incident as an "email gateway issue."

⚠️MetaMask does not collect KYC info and will never email you about your account!
Do not enter your Secret Recovery Phrase on a website EVER.
If you got an email today from MetaMask or Namecheap or anyone else like this, ignore it & do not click its links!https://t.co/EP0HGZFOfo pic.twitter.com/4CDtne24OK
— MetaMask (@MetaMask) February 13, 2023

In the proactive alert, MetaMask reminded its million followers that it does not collect know-your-customer (KYC) information and will never reach out over an email to discuss account details.

The phishing emails sent by the hacker contain a link that opens a fake MetaMask website requesting Secret Recovery Phrase “to keep your wallet secure.”

The wallet provider advised investors to refrain from sharing seed phrases as it hands over complete control of the user’s funds to the hacker.

We would like to assure you that Namecheap’s own systems were not breached and your products, accounts and personal information remain secure.
We will update status post once the issue is solved https://t.co/2xJ362KF0f
— Namecheap.com (@Namecheap) February 13, 2023

NameCheap further confirmed that its services were not breached and that no customer data was leaked in this incident. Within two hours of the initial intimation, NameCheap confirmed that its mail delivery was restored and that all communications henceforth would be from the official source.

However, the main issue related to the mailing of unsolicited emails is still under investigation. Investors are advised to recheck website links, email addresses and points of contact when dealing with communications from MetaMask and NameCheap.

In January, a hacker used Google Ad services to steal nonfungible tokens (NFTs) and cryptocurrencies from investors.

Last night my entire digital livelihood was violated.

Every account connected to me both personally and professionally was hacked and used to hurt others.

Less importantly, I lost a life changing amount of my net worth
— NFT God (@NFT_GOD) January 15, 2023

NFT influencer NFT God lost “a life-changing amount” after accidentally downloading malicious software embedded in a Google advertisement.

The incident happened when the influencer used the Google search engine to download OBS, an open-source video streaming software. However, he clicked the link with a sponsored advertisement instead of the official link, which eventually led to the loss of funds.

Wyre Announces Modification of Withdrawal Policy, Pushing Topps to Temporarily Suspend NFT Marketplace Transactions

January 7, 2023 Bitcoin.com

Email