Monday, May 27, 2024

Cryptocurrency phishing cases up 40% in 2022, says Kaspersky

Cybersecurity firm Kaspersky said that the number of cryptocurrency-related phishing attacks prevented by its anti-phishing systems increased by 40% in 2022 compared to the previous year, with over 5 million attacks being stopped.

An example of active crypto fraudulent scheme which occurred in February 2023

Conversely, there is a decrease in the detection of traditional financial threats, such as banking and mobile financial malware. These and other findings are in the company’s latest report on financial threats.

According to a new report by Kaspersky, the financial threat landscape saw significant changes in 2022. While attacks using traditional financial threats such as banking PC and mobile malware have become less common, cybercriminals have shifted their attention to new areas, including the crypto industry.

In 2022, cryptocurrency phishing rose significantly and was included as a separate category, demonstrating 40% year-on-year growth with 5,040,520 detections of crypto phishing in 2022 compared to 3,596,437 in 2021.

This increase in crypto phishing could be partially explained by the havoc on the crypto market that occurred last year. However, it is still unclear whether the trend will continue, which will depend on the trust that users place in cryptocurrency.

This data correlates with users’ experiences with cryptocurrency threats explored by Kaspersky earlier this year — every seventh person surveyed was affected by cryptocurrency phishing.

Although most crypto scams are traditional tricks such as giveaway scams or fake wallet phishing pages, a recent active fraudulent scheme discovered by Kaspersky shows that scammers are constantly coming up with new techniques to ensure their success.

In this campaign, the user receives a PDF file in English by mail, stating that they allegedly registered on a cryptocurrency cloud mining platform a long time ago and need to urgently withdraw a lot of crypts since their account is inactive. The file contains a link to a fake mining platform.

To withdraw the crypt, the user must fill out a form with personal information, including the card or account number, and pay a commission, in this case, through a crypto wallet or directly to the specified wallet address. 

“Despite some troubles that have occurred in the cryptocurrency market over the past six months, in the minds of many people, crypto still remains a symbol of getting rich quick with minimal effort,” Olga Svistunova, a security expert at Kaspersky, said.

“Therefore, the flow of scammers who parasitize on this topic does not dry out. In order to lure victims into their networks, these scammers continue to come up with new and more interesting stories.”

In Southeast Asia (SEA), Kaspersky has monitored a slight dip in 2022 overall. The global cybersecurity company observed 64,080 crypto phishing in the region last year, 15% lower than 2021’s number.

The drop in crypto phishing is mainly detected in Singapore (-74%), Thailand (-51), and Vietnam (-15%).

This type of threat, however, continues to grow in the Philippines (170%), Indonesia (+26%), and Malaysia (4%).

“Southeast Asia is home to diverse countries and continue to lead globally in terms of cryptocurrency adoption. With the highly active play-to-earn gamers plus the remittance usage of cryptocurrency in countries with high overseas workers, we expect to see more adopters in the region. This makes it essential to develop that protection-first mind set against attacks related to this useful technology,” Chris Connell, managing director for Asia Pacific at Kaspersky, said.


- Advertisement -spot_img




- Advertisement -spot_img