Fraudulent Cryptocurrency Applications take money from investors!
The US Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are developing fraudulent cryptocurrency applications to steal from investors.
According to the FBI, fraudulent cryptocurrency applications affected about 244 victims, with an estimated loss of $42.7 million.
When the public hears such news, the automatic reaction is to say, "Cryptocurrency and blockchain have been hacked! I thought it couldn’t be hacked!" Blockchain transaction records are encrypted, making it difficult to compromise. You see the word difficult, but not impossible. The records in the blockchain are connected to previous and subsequent records on a distributed ledger. The entire chain must be altered to change a single record. It is more likely the cryptocurrency exchanges and end user applications (as mentioned in this article) will be compromised before the blockchain itself.
Investors in the United States have been contacted by cybercriminals who claim to provide cryptocurrency services. The same individuals also induce investors to download fraudulent mobile applications that are used to defraud investors of their money. Cybercriminals have made phoney phone calls, posing as legitimate financial corporations, attempting to defraud victims of their crypto.
Nothing is un-hackable, according to Cyber Cerberus as a whole. We are all imperfect, and we design imperfect systems and procedures. The good application distinction is made by the thorough and efficient testing procedures.
The blockchain was not hacked in this fraud occurrence. Social engineering-based assaults have been used against victims of such attacks. Simply stated, it's all about the “human”. These kinds of assaults are prehistoric in their nature. You only need to see the movie “Catch Me If You Can” to see this art-form at its best.
We're releasing this message now to offer comfort and assurance to those who have enquired about whether blockchain has been hacked. The short answer is no! What we have here is a clear illustration of fraudulent individuals calling people and manipulating their emotions and anxiety over missing out on the next big thing. This isn't any different from recent email phishing scams.
There are a lot of organisations discussing cryptocurrency market regulation, among other things. Regulation and legislation will not alter the fact that cybercriminals do not care about them. We addressed this in a previous post, but cybercriminals don't give a damn about auditing, rules, or practices. They're equipped to crack businesses because they operate outside the box with a high level of creative thinking.
Cyber Cerberus has a few recommendations for everyone:
If someone calls you claiming to be from a financial institution and want to sell you goods, please thank them, but kindly put them off.
If someone contacts you and the information they provide appears to be correct about you, kindly end the conversation and call your bank on the numbers posted on their website.
If someone calls you, refuse to give them any information, no matter how tempting the offer is. This is your one and only chance at this; some individuals in the United States have discovered that the hard way.
Make sure you're downloading genuine programs, as the article in the bibliography notes. However, something that we think has been overlooked is the fact that you shouldn't install applications that you haven't heard of before. When purchasing a vehicle or obtaining a home loan, you do your homework (due diligence) first. Buying applications should be no different – make the time to research and ask questions. It is very easy to fall into the trap of downloading application because of the convenience of having the phone or device in your hand.
However, the most essential advice is common sense. Most people are weary of the slew of phishing emails, SMS frauds, and now this form of fraud. If something appears to be “too good to be true”, it almost certainly is. Your financial and emotional livelihood may be at risk here.
Some good practice to put into your decision making, especially in the digital world:
STOP-Think about what has been sent to you and what you are being asked to do
ANALYSE-Review the company making the request, lookup the names mentioned of people speaking with you, lookup reviews of software products and services
REFLECT-Get advice and speak to someone and get their opinion, especially someone who has experience in this area.
Always remember, legitimate and genuine organisations and government departments will never call you and ask for information or pressure you to do anything. Furthermore, if payment is part of a scam, there is very high chance you wont get your money or cryptocurrency back.
In search for a summary, I don't think it could be better stated than by Abheeti Kathryn Pass, Chief Operating Officer (COO) of TecStack www.tecstack.io - "In all industries there are nefarious players preying on human hope. In short, people try to rip off and trick other people for personal gain. Although there is much unwarranted negative attention on the cryptocurrency market, we all need to exercise discernment when evaluating enticing offers, and, most importantly, be extremely wary of allowing any organisation access to our personal data. On the other hand, there are many legitimate and worthy crypto and blockchain projects, both emerging and established, which warrant our trust and involvement since they're helping resolve real-life issues through sound education. Issues that affect us all like inflation, wealth protection and how to make sense of our changing world. Understanding where your industry is heading and how to protect your customers with informed guidance is of paramount importance moving forward."
Please contact Cyber Cerberus at www.cybercerberus.com if you have any queries.
Riley, D. (2022). FBI warns fake cryptocurrency apps are defrauding investors - SiliconANGLE. SiliconANGLE. Retrieved 20 July 2022, from https://siliconangle.com/2022/07/18/fbi-warns-fake-cryptocurrency-apps-defrauding-investors/.