Phishing for whales: New scam targeting big crypto owners detected

• There is a newly detected scam targeting cryptocurrency owners who store their tokens on cold wallets.
• Cold wallets are completely offline, and are more secure, meaning they are often used by people with more currency in their wallet.
• 85 000 of the emails executing these scams have been intercepted by one cybersecurity company.
• For more stories, visit the Tech and Trends homepage.

A newly detected scam targeting cryptocurrency owners who store their tokens on physical hardware, known as cold wallets, has increased in prominence.

Hot crypto wallets store cryptocurrency in an account that is connected to the internet, whereas on cold wallets, cryptocurrency is stored completely offline, often on physical hardware.

Kaspersky, a cybersecurity and anti-virus software provider, said that the owners of both cold and hot wallets are targeted by scammers.

Hot wallet scams are well-established and generally use simple tactics to target cryptocurrency owners.

Scammers send fraudulent emails which impersonate well-known crypto exchanges. The emails urge users to validate transactions that they have made or to reconfirm the security of their wallets.

But when they click on the link to do this, they are prompted to enter the seed phrase of their wallet, which is an essential element of wallet recovery according to Kaspersky.

"A seed phrase is a series of 12 or 24 random words that provides the data needed to recover a lost or broken crypto wallet," according to Blockworks, a cryptocurrency news provider. 

But, once scammers have access to the seed phrase, they are able to seize control of the victim's wallet and transfer funds out of the account.

Cold wallets generally have more security features than hot wallets, which means a different strategy is deployed by scammers. Kaspersky said that there is a new way that cold wallet owners are targeted.

Cold wallets are generally used by people who own larger amounts of cryptocurrency for this reason.

The scam starts with an email that mimics a prominent cryptocurrency exchange, Ripple, offering a giveaway of XRP tokens.

Ripple is a payment system, and XRP is the digital currency that is used in this system.

People who click on the link are taken to a blog post that looks very similar to the Ripple website where the giveaway is advertised.

To enter the giveaway, people are required to connect their hardware wallets to their device.

When this is done, scammers have an opportunity to make transactions from the cold wallet.

Kaspersky said that it has detected and blocked 85 000 phishing emails targeting cold wallet owners in recent months.

Prevention

Roman Dedenok, a security expert at Kaspersky, said that as the popularity of cryptocurrencies continues to increase, so too does the need for users to stay alert and implement strong security measures to protect their digital assets.

"It is crucial to verify the authenticity of the sender and exercise caution before clicking on any links or providing sensitive information," said Dedenok.

To protect order cryptocurrency stored on hardware, Kaspersky advised people to only purchase hardware from official sources, to scan newly bought hardware for signs of tampering, to secure the seed phrase of the hardware, and to use a strong password if the wallet is password protected.