The post How Hackers Are Exploiting High Profile Accounts: A Look Into a Recent Supply Chain Email Breach appeared first on Coinpedia Fintech News
Hackers have always sought ways to gain easy access to crypto thefts. One method is to access the emails of big entities like crypto platforms or individuals with a large following.
One such case is when The cryptocurrency community was put on high alert after word went around that there could have been a supply chain email breach. On Wednesday, Tether CEO Paolo Ardoino and CoinGecko Co-founder Bobby Ong urged people to be wary of phishing scams and fake airdrop launches. It was because the email listing provider, which was applied by many crypto platforms, may have been hacked.
Breach Confirmation and Warnings
In an X post, Tether CEO Paolo Ardoino responded affirmatively to reports of an attack on a well-known email vendor used by many crypto organisations. Ardoino advised users to disregard any emails received during that time.
We received now 2 independent confirmations that a prominent vendor used by crypto companies to manage mailing lists might have been compromised.Not making names yet until investigation is completed, but please beware of any emails suggesting crypto-airdrops received since 24h…
— Paolo Ardoino (@paoloardoino) June 5, 2024
Equally, Bobby Ong from CoinGecko confirmed that hackers did the act, and by extension, CoinGecko may have been affected.
Hackers get through the verification by hacking one’s identity through sim swapping or the like and get access to the email and other sensitive information. These phishing scams involve fake token launches and links in the email sent to the email subscribers.
Phishing scams are typically designed to trick users into providing vital information about their cryptocurrency wallets or exchange accounts, such as passwords, seed phrases, or private keys. These scams often lure users into fake websites that pretend to be famous firms in the crypto domain.
The scammers actively operate during the increase in stock prices, the so-called bull phase, when a large number of new, less experienced investors appear in the market. In the past, the likes of OpenSea, Ledger, and Celsius have become victims of the same kind of email scams.
The need for the users to be keen, especially with the current threat, is critical. Here are some precautions to consider:
Verify Email sources: Before clicking the links, one should always ensure that the sender’s email address is genuine and the context of the message is real.
Avoid sharing sensitive information: Do not forward passcode, backup phrase, or key in an email.
Enable two-factor authentication (2FA): Increase account security by compulsion of 2-factor authentication on all crypto accounts.
Stay informed: Use indicators such as company blogs and official social media accounts to track possible threats and become knowledgeable about them.