Police Warn of Bitcoin Scammers Posing as Bank Representatives

August 14, 2024 Bitcoin.com

FBI Issues Warning About Crypto Exchange Scams

August 2, 2024 Bitcoin.com

Crypto catfishers ditch fake exchanges for approval phishing scams

December 14, 2023 Coin Telegraph

Asked to get a banana, a BAYC owner narrowly avoids a fake Forbes scam

November 27, 2023 Coin Telegraph

BAYC

Scammers posing as Forbes journalists have been targeting BAYC holders to set up interviews and distract them while they attempt to steal their apes.

A Bored Ape Yacht Club (BAYC) owner says he has managed to avoid a potentially “dreadful day” after being asked to retrieve a banana for a photo from someone they initially believed was interviewing them for Forbes.

On Nov. 27, NFT collector ‘Crumz’ detailed his run-in with a scammer posing as a Forbes journalist.

He reported that someone pretending to be Robert LaFanco — a real Forbes editor, contacted him by direct message from an impersonator account with the offer of an interview for a new article about BAYCs.

SCAM ALERT!!
I just spent the last 2hours on Zoom with '@Forbes' it was pretty sophisticated and well thought out because I'm usually on high alert but luckily I wasn't caught. Here's what they did. 1/8
— Crumz (@crumz10) November 26, 2023

During the interview, the scammer prompted Crumz to click a "button" to allow access to record the interview. Crumz said he complied with the so-called journalists despite certain red flags, including their use of a non-premium Zoom account and wanting to use a separate recorder bot to record his screen.

“I had to press a button to allow access to record,” he said before adding, “I didn’t think much of it first but at the end, he asks me to say something that resembles my ape and he suggests a banana.”

'Crumz' said he later realized this was a distraction attempt to take him away from his computer during which the attacker would take control of his computer to steal his assets.

‘Crumz’ said instead of getting the banana, he waited by his computer and sure enough, the scammers started to control his screen.

"I mute my screen and there's no video and just waited by the screen and sure enough they started to control my screen, I stopped them when they went on delegate.cash."

8/8
Hopefully I'm safe now. Don't think they can still control my computer when I turn it back on.
Please be safe out there, it could've been a dreadful day today
— Crumz (@crumz10) November 26, 2023

Crypto casino Rollbit partner ‘@3orovik’ echoed the warning to his 140,000 X followers on Nov. 27.

He also fingered a spurious account named ‘Robert LaFranco’ whose profile claims he is a Forbes assistant managing editor. “During this interview, he attempts to trick you to gain access to your PC and steal your expensive NFTs,” he warned.

⚠️ WATCH OUT ⚠️

A fake Forbes journalist is reaching out to BAYC holders for a fake interview

During this interview he attempts to trick you to gain access to your PC and steal your expensive NFTs

It’s very unlikely Forbes would reach out pic.twitter.com/ViYrT0mk1l
— borovik.eth (@3orovik) November 27, 2023

Meanwhile, BAYC community member Laura Rod also reported being contacted by the bogus Forbes editor.

Earlier this month blockchain security firm Slowmist detailed a number of scams in which victims lost crypto assets to fake journalists.

It reported that, after scheduling an interview, the attacker would guide victims to join the interview on Telegram, providing an interview outline, conducting a two-hour interview, and then providing the malicious link to consent to publication.

In October, a Friend.tech user reported being duped by a fake Bloomberg journalist, who lured them into clicking a link for a “consent form” which instead resulted in a drained Friend.tech account.

Meanwhile, several industry observers have noted that scammers on X (Twitter) often have a BAYC profile picture which is something to look out for.

Magazine: Tornado Cash 2.0 — The race to build safe and legal coin mixers

Revoke adds new feature after users complain of fake approvals scam

July 10, 2023 Coin Telegraph

approvals

Scammers have found a new way to make crypto by luring users into revoking fake approval transactions.

Approval management platform Revoke has issued a fix aimed at mitigating a new crypto scam, which involves baiting crypto users into revoking “fake approvals” and then stinging them with excessively high transaction fees.

On July 9, Revoke.cash stated that it had received reports of people seeing unknown approval transactions in their transaction history.

Yesterday, we received reports of people seeing unknown approval transactions in their transaction history.

It turns out that this is a new scam where scammers use so-called gas tokens to steal money when victims revoke these "fake approvals". pic.twitter.com/vpY2sGIv0T
— Revoke.cash (@RevokeCash) July 9, 2023

In reality, scammers have been using what are known as “gas tokens” to trick victims into believing they have suspicious transaction approvals.

“It turns out that this is a new scam where scammers use so-called gas tokens to steal money when victims revoke these "fake approvals".”

Gas tokens were developed when Ethereum network fees started climbing. Users could effectively store cheap gas during periods of low network demand.

“This allowed users to mint gas tokens when fees were low, and burn them when fees were high, effectively "locking in" the lower fee,” explained Revoke.

However, Revoke said that scammers have been creating fake gas tokens that they airdrop with fake approvals that users think they need to revoke.

The spurious tokens have been programmed to generate a lot of gas during the revoked transaction with the newly minted gas tokens being sent back to the scammers leaving the victim with a high transaction fee.

Revoke said it has now addressed the issue by adding a check that disables revoking approvals if there's an excessive gas fee. It advised users to ignore the fake approvals:

“Best thing to do with these fake approvals / fake tokens is to ignore them. As long as you don't interact with them, they can't steal your funds.”

Revoke is a preventative tool that helps users practice safer crypto wallet behavior by managing or revoking active approvals such as those no longer required by DeFi protocols.

*Revoke's new fix to combat the gas token approval scam. Source: Twitter*

Platforms such as Revoke have been urging users to revoke approvals for Multichain following the multi-million dollar network exploit on July 7. This has given scammers a new avenue to lure victims to approve their fake transaction revokes.

Magazine: Crypto Twitter Hall of Flame, Gabriel Haines: Shirtless shitposting and hunting SBF on the meme streets

‘Scammers’ impersonate Crypto Twitter users on Threads as users near 100M

July 10, 2023 Coin Telegraph

Coin Telegraph

Threads are already seeing potential crypto scammers arrive on the platform as Crypto Twitter personas warn of impersonators on the app.

Scammers appear to have wasted no time since the launch of Meta’s new microblogging app — with several high-profile Crypto Twitter users already warning of imposter accounts on Threads.

Threads was launched on July 5 and has seen sign-ups climb above 98 million in the days following. It’s still far away from Twitter’s estimated 450 million users.

However, over the past few days, multiple Crypto Twitter figures have already pointed out fake accounts on Threads impersonating others or themselves.

On July 8, decentralized finance platform Wombex Finance tweeted an image of a Threads account impersonating it — warning it could be a scammer as the project isn't on the platform.

Attention, #WombexWarriors!

Please be aware that Wombex Finance DOES NOT have an account on the Threads platform.

Any account claiming to be Wombex Finance on that platform is fraudulent and is operated by a scammer!

To avoid scams, always refer to our official channels:… pic.twitter.com/uU8fc2lTiB
— Wombex (@WombexFinance) July 8, 2023

The nonfungible token (NFT) influencer Leonidas tweeted a similar warning a day earlier to their over 93,000 followers, saying that they and other "large NFT accounts" are being impersonated by "scammers" on Threads. Leonidas said they have now made an account on Threads to combat impersonators.

Jeffrey Huang, known on Twitter as Machi Big Brother, tweeted his Threads profile on July 6 with one user pointing out there was already a Threads account impersonating his Twitter persona.

Damn dude you already have a scam account on threads pic.twitter.com/QTDv3V39H7
— Nataly (NLC) (@NLC972) July 6, 2023

So far, the Thread accounts mentioned have avoided sharing any scam or phishing links, with most posting crypto-related content.

For years, Twitter has been a popular channel for crypto phishing scammers, with a common tactic involving hacking into the Twitter accounts of well-known people and businesses and posting malicious links.

Such links usually attempt to dupe unwitting targets into sharing either their crypto exchange login, a crypto wallet seed phrase or have them connect a wallet to a crypto-draining smart contract.

In the first half of this year, $108 million worth of crypto was stolen in such phishing scams according to a report by Web3 security firm Beosin.

Magazine: Crypto Twitter Hall of Flame, Gabriel Haines: Shirtless shitposting and hunting SBF on the meme streets

Losses from crypto rug pulls outpaced DeFi exploits in May: Beosin

June 2, 2023 Coin Telegraph

Beosin

Over $45 million was lost to exit scams in May while exploits on DeFi protocols racked up less than half that amount over the same period.

The amount of cryptocurrency lost to "rug pull" or "exit scams" — where founders suddenly up and leave with investors’ money — had outpaced the amount stolen from decentralized finance (DeFi) projects in May, a blockchain security firm has revealed.

A June 1 report from Beosin said in May total losses from rug pulls and scams reached over $45 million across six incidents.

Meanwhile, there were 10 attacks on decentralized finance (DeFi) protocols that netted only $19.7 million. The amount is a nearly 80% decrease from April and losses from these types of exploits had been on the decline for two months, it added.

Rug Pull Outpaces Attacks: The total amount involved in #rugpull reached $45.02 million, surpassing losses from attacks

2/5
— Beosin Blockchain Security (@Beosin_com) June 1, 2023

The largest of such rug pulls was the $32 million that crypto project Fintoch is alleged to have made off with on May 24. The $7.5 million attack on the DeFi platform Jimbos protocol was the largest attack last month according to Beosin.

“Hackers and scammers are gradually shifting the target of their attacks from various project parties to ordinary users,” Beosin wrote.

It recommended crypto users “raise their anti-fraud awareness,” undertake due diligence on a project before investing and learn how to better safeguard their crypto.

Beosin also warned against using shared or public charging devices for mobile phones as these could potentially be modified to inject malicious programs that could compromise private keys.

In April, the United States Federal Bureau of Investigation (FBI) issued a similar warning the use of free charging stations such as those found at airports should be avoided.

Avoid using free charging stations in airports, hotels or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices. Carry your own charger and USB cord and use an electrical outlet instead. pic.twitter.com/9T62SYen9T
— FBI Denver (@FBIDenver) April 6, 2023

“Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices,” the FBI’s Denver office tweeted on April 6. It instead advised carrying a charger and USB cord for use in an electrical outlet.

Hall of Flame: Crypto Wendy on trashing the SEC, sexism, and how underdogs can win

Google Ads data: $4M stolen through crypto phishing URLs

April 27, 2023 Coin Telegraph

Google Ads data: M stolen through crypto phishing URLs

Coin Telegraph

Unsuspecting cryptocurrency users have lost over $4 million to phishing websites promoted using Google Ads.

Data from Google Ads coupled with blockchain analytics reveals that over $4 million has been stolen from users that have fallen for malicious phishing websites promoted on Google.

According to Web3 anti-scam service provider ScamSniffer, malicious adverts for phishing websites have been prevalent on Google ads searches in recent weeks. The URLs lead to fraudulent websites that prompt wallet login signature requests that compromise users’ addresses.

1/ A recent surge in phishing scams via Google search ads has led to users losing approximately $4 million.
ScamSniffer has investigated multiple cases where users clicked on malicious ads and were directed to fraudulent websites.#PhishingScams #GoogleAds pic.twitter.com/vuKCgSuFnV
— Scam Sniffer (@realScamSniffer) April 27, 2023

A number of decentralized finance (DeFi) protocols, websites and brands, including Zapper.fi, Lido, Stargate, Defillama, Orbiter Finance and Radiant, have been targeted by scammers. Slight changes to official URLs make it difficult for users to identify that they’ve clicked on malicious links.

Analysis of metadata from a number of the phishing websites in question has been linked to advertisers located in Ukraine and Canada. The users responsible for placing the malicious adverts make use of a number of methods to bypass Google’s ad review process. This includes manipulating the Google Click ID parameter, which allows the attackers to show a normal webpage during Google’s ad review.

Other malicious adverts use anti-debugging methods to redirect users with developer tools enabled to a normal website, while a direct click takes users to the malicious website. This also allows scammers to bypass some of Google ads’ machine reviews.

On-chain data analysis from addresses linked to malicious websites advertised on Google from ScamSniffer’s database suggests that $4.16 million has been stolen from over 3,000 users over the past month.

The anti-scam service followed on-chain flows of funds to various exchange and mixing services, including SimpleSwap, Tornado Cash, KuCoin and Binance.

Making use of advertising analysis platforms, ScamSniffer suggests that the cost of promoting crypto-related phishing websites is lucrative. The average cost per click for associated keywords is between $1 to $2.

Estimating a conversion rate of 40% from 7,500 users clicking on malicious adverts, scammers have spent around $15,000 on advertising which has provided a return on their malevolent investments of 276%, given the $4 million stolen to date.

A report from Russian cybersecurity and anti-virus provider Kaspersky highlighted an increase in crypto-related phishing attacks through 2022, up 40% year on year with over 5 million phishing attacks identified last year.

Magazine: US enforcement agencies are turning up the heat on crypto-related crime