Cryptocurrency Phishing Attacks Surge in 2022
When it comes to cryptocurrency-related cyberattacks, bad actors have seemingly reduced the use of traditional financial threats like desktop and mobile banking malware, shifting their focus to phishing. Russian cybersecurity and anti-virus provider Kaspersky has revealed that cryptocurrency phishing attacks witnessed a 40% year-on-year increase in 2022. The company detected 5,040,520 crypto phishing attacks in the year, compared with 3,596,437 in 2021. This represents a significant increase in the number of phishing attacks targeting crypto investors.
A typical phishing attack involves reaching out to investors through fake websites and communication channels that mimic official companies. Users are then prompted to share personal information such as private keys, which ultimately provides attackers unwarranted access to crypto wallets and assets. This is a serious threat, as once attackers have access to a user's private keys, they can gain control over their cryptocurrency holdings and potentially steal their assets.
While Kaspersky could not predict if the trend would increase in 2023, phishing attacks continue to gain momentum in 2023. Most recently, in March, hardware cryptocurrency wallet provider Trezor issued a warning against attempts to steal users’ crypto by tricking investors into entering their recovery phrase on a fake Trezor site. This highlights the need for users to exercise caution and be vigilant in their interactions with cryptocurrency platforms.
In a survey conducted by Kaspersky in 2022, one out of seven respondents admitted to being affected by cryptocurrency phishing. While phishing attacks predominantly involve giveaway scams or fake wallet phishing pages, attackers continue to evolve their strategies. According to Kaspersky, “crypto still remains a symbol of getting rich quick with minimal effort,” which attracts scammers to innovate their techniques and stories to lure in unwary crypto investors.
Even established cryptocurrency platforms and their investors are not immune to phishing attacks. Arbitrum investors were recently exposed to a phishing link via its official Discord server. A hacker reportedly hacked into the Discord account of one of Arbitrum’s developers, which was then used to share a fake announcement with a phishing link. This highlights the importance of securing communication channels and taking measures to ensure that official channels are not compromised.
To protect themselves from phishing attacks, cryptocurrency investors should be wary of unsolicited communications and only interact with official channels. They should also avoid sharing their private keys or recovery phrases with anyone, even if they appear to be legitimate sources. Finally, it's essential to use two-factor authentication and keep their software and anti-virus systems updated to ensure maximum protection against phishing attacks.
In conclusion, phishing attacks targeting cryptocurrency investors are increasing in frequency, and scammers are continually evolving their techniques to steal investors' assets. It's crucial for investors to remain vigilant and exercise caution in their interactions with cryptocurrency platforms to avoid falling victim to these scams. By taking the necessary precautions, investors can help safeguard their cryptocurrency holdings and prevent losses due to phishing attacks.