3 min read

Malicious Actors Target Crypto Wallets of Coinbase Users in New Phishing Campaign

Alina BÎZGĂ

March 09, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Malicious Actors Target Crypto Wallets of Coinbase Users in New Phishing Campaign

Cybercriminals are targeting Coinbase platform users with phishing campaings in an attempt to steal their account credentials and drain their cryptocurrency wallets, Bitdefender Antispam Lab has learned.

According to our latest telemetry, the phishing campaign was noticed since mid-February, targeting over 25,000 users. Sixty-nine percent of the fraudulent correspondence originated from India, 13.73 percent from Brazil, 10 percent from the US and 2.33 percent from Japan.

When analyzing the final destination of the phishing emails, we noticed the following:

  •  54.72 percent reached users from South Korea
  •  12.53 percent reached users from Sweden
  • 7 percent reached users from Ireland
  • 6.78 percent reached users from Japan
  • 5.12 percent reached users from the United States
  • 2.81 percent reached users from Great Britain
  • 2.16 percent reached users from Canada

The crooks are attempting to dupe recipients into accessing a fake login URL to enter their username and password. In both versions of the scam, the threat actors send out fake notifications that warn recipients of unusual activity in their account, requiring immediate verification from users who wish to regain access to the platform.

“We recently detected an unusual activity on your coinbase account,” one of the fraudulent messages reads. “Unfortunately we had to suspend your coinbase in order to ensure the safety of your account. “This suspension is temporary,” the message continues. “We will need some additional information to verify your identity, Please visit the verification form to complete your identity verification and regain access to your coinbase account.”

Sample 1: initial Coinbase phishing email

Sample 2. ongoing Coinbase phishing email

Sample 3. fake Coinbase login page

Throughout 2020 and beyond, fraudsters have sought financial gain by sending legitimate-looking emails that tempt victims to enter their account username and password or provide personally identifiable information.

The trend toward impersonating cryptocurrency trading platforms to steal user information is likely to continue throughout the year. Although this ongoing phishing exercise does not include a malicious payload that could expose recipients to additional threats or file-encrypting ransomware, threat actors may continue to fine-tune their tactics.

What should victims do?

If you”ve already received such a fraudulent email, make sure to delete it. If you”ve submitted your account login information, head to the official website and change the password immediately and enable the two-factor authentication feature to add an additional security layer.

The Coinbase platform also gives you ways to recover or temporarily disable your account in case of compromise. As always, immediately change the passwords for all online accounts that share the same email and password combination (although reusing credentials for multiple accounts is something that”s not usually recommended) to avoid further compromise and account takeover.

Be wary of unsolicited correspondence and double-check page URLs before signing in. The use of industry jargon, official logos, and even similar email addresses does not guarantee an email is legitimate. Take your time to assess the message and the reason behind it. Don”t be tempted to immediately respond or access a link, even if you”re advised to do so under the threat of consequences such as account closures. Go to the official website directly from your browser, log in and look for any associated account notifications

Note: This article is based on technical information provided courtesy of Bitdefender Antispam Lab.

tags


Author



Right now

Top posts

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

How to keep your Android device immune to malicious vaccine themed apps How to keep your Android device immune to malicious vaccine themed apps
Cristina POPOV

April 22, 2021

2 min read
Facebook Takes Down Two Hacking Groups Operating out of Palestine Facebook Takes Down Two Hacking Groups Operating out of Palestine
Silviu STAHIE

April 22, 2021

2 min read
Ransomware attack causes supermarket cheese shortage in the Netherlands Ransomware attack causes supermarket cheese shortage in the Netherlands
Graham CLULEY

April 13, 2021

2 min read