3 min read

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Alina BÎZGĂ

May 24, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Digital currencies are galvanizing social engineering scams and hacks across the online world. Bitdefender’s latest analysis of crypto-based spam once again reveals the creative side of digital pick pockets as they try to trick internet users.

Scam emails announcing you’ve been transferred a hefty sum in bitcoin on a shady crypto investment platform have been popping up in users’ inboxes across the globe. The email subject and body are poorly redacted but pique the readers’ interest by mentioning a large crypto deposit ranging from 19 to 35 bitcoin that can be accessed via a sketchy domain [coinment.net] registered on May 5.

Distribution-wise, the scam emails have reached users in the US, Canada, UK, South Africa and Australia.

Subject lines include:

· Payment Done

· Coinment Investent

· details please

· Your BTC Has Been Transfar ($ 19.4 BTC)

The body of the scam emails contain a numerical ID and password recipients need to use to log in to the so-called crypto investment platform.

As mentioned, the domain name is very recent, and despite the detection of HTTPS protocol, the webpage delivery is at best superficial.

Now, let’s take a closer look at this fake website. As you can see in the screenshots below, the sketchy façade of the website is apparently linked to the blockchain industry. It’s poorly designed and requires various user interactions to get into the sign-in menu.

Once users reach the Sign-in page, they are prompted to fill in the ID and password from the initial email. And here’s where it gets a bit more interesting, with a popup message appearing on the screen citing a Critical Update:

“Your account balance is currently 802.7 BTC (€22,889,448.04). For your security, you are now required to protect your account by choosing a more secure password and enabling OTP.
You can no longer skip this requirement as the maximum number of skips has been reached.”

Sound too good to be true? That’s because it is. Although the apparent concern for account security may provide peace of mind to users, don’t be fooled. After changing the password to their multi-million dollar crypto account, users need to fill in their phone number to receive a secure PIN code to access the account.

We weren’t lucky enough to get our hands on 22 million in euros – since no OTP was received - and we don’t recommend you try either.

The promise of free money is compelling. However, free cash or cryptocurrency always comes with a price including your privacy, data and money. Offers such as this are always fake, and users risk losing much more than they bargained for.

This type of swindle closely resembles an advance-fee scam, which usually requires users to provide financial data or pay large sums to receive the ‘prize’.

Are you stuck in a digital limbo not knowing what platforms to trust. Particularly interested in securing your identity from digital thieves? Look at our Ultimate Security pack to benefit from advance malware protection, anti-phishing, and anti-fraud filters, ongoing identity monitoring, a fast VPN, and a cross-platform Password Manager for the most comprehensive security and privacy pack to guard your data and ensure your financial wellbeing.

Find out more here

tags


Author



Right now

Top posts

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

AMD held to ransom by gang that claims 450GB of data has been stolen AMD held to ransom by gang that claims 450GB of data has been stolen
Graham CLULEY

July 01, 2022

2 min read
South Korean Cybersecurity Agency Released Free Decryptor for Hive Ransomware Victims South Korean Cybersecurity Agency Released Free Decryptor for Hive Ransomware Victims
Vlad CONSTANTINESCU

July 01, 2022

1 min read
Ukrainian Phishers face 15 Years behind Bars after Defrauding Fellow Citizens with Fake Relief Claims Ukrainian Phishers face 15 Years behind Bars after Defrauding Fellow Citizens with Fake Relief Claims
Filip TRUȚĂ

June 30, 2022

1 min read