The report, entitled “Spam and phishing in Q2 2018,” notes so-called “crypto giveaways” as a pervasive example of phishing, wherein cybercriminals dupe individuals into giving up sensitive information as part of a too-good-to-be-true promotion giving away popular cryptocurrencies.
In these crypto phishing scams, unsuspecting individuals are fooled into voluntarily giving up important information on convincing but malicious copies of popular crypto wallets and markets.
Kasperksy states that cybercrooks also pose as new Initial Coin Offering (ICO) projects to collect money from potential investors that try to buy up tokens in supposed early access events. The report also notes that Kaspersky’s anti-phishing system prevented 58,000 user attempts to connect to phishing websites in Q2 2018.
In addition to outlining various types of scams, the quarterly report states that Ethereum (ETH) is currently the most popular cryptocurrency for phishers. According to the firm, ETH’s popularity among cybercriminals increases as more funds are attracted to ICOs on the Ethereum platform.
Earlier this month, new research shed light on the ubiquitous fake crypto giveaways on Twitter. In the course of its research, cybersecurity firm Duo Security surveyed a swathe of 88 million Twitter accounts, using machine learning techniques to train a bot classifier.
Using the most recent 200 tweets from each account, the classifier found a network of 15,000 bots that spread fake competitions and impersonate well known figures in the crypto industry. Duo data scientist Olabode Anise said that, “The bots’ attempts to thwart detection demonstrate the importance of analyzing an account holistically, including the metadata around the content.”