Phishing
138,573 megtekintés
50 Bejegyzések
Népszerű
Legfrissebb
#FakeAirdrop
Cryptocurrencies, with their promise of decentralized and inclusive ecosystems, have given rise to various trends, including airdrops. Airdrops involve distributing free tokens to holders of a specific cryptocurrency, often as a way to promote a new project. However, the increasing popularity of airdrops has also attracted scammers who orchestrate fake airdrops to deceive unsuspecting users.
Understanding Fake Airdrops:
1. Tempting Promises:
Fake airdrops typically make enticing promises, such as substantial token rewards or exclusive early access to a project. Scammers exploit the desire for quick gains to lure individuals into participating.
2.#Phishing Links:
Scammers often create fraudulent websites or social media accounts that mimic legitimate airdrop campaigns. Participants are directed to provide personal information or access their cryptocurrency wallets through phishing links.
Protecting Yourself from#FakeAirdrop :
1.Verify the Project:
Thoroughly research the project associated with the airdrop. Verify the team's credentials, check for a transparent whitepaper, and ensure the project has a legitimate online presence.
2. Be Skeptical of Requests for Funds:
Legitimate airdrops do not require participants to send cryptocurrency as a prerequisite. Any request for funds, even if small, should raise suspicions.
3. Use #OfficialChannels:
Access airdrop information only through official channels, such as the project's official website or reputable cryptocurrency forums. Be cautious of unsolicited messages on social media platforms.
4. Employ #SecureWallets :
Use secure and reputable cryptocurrency wallets. Avoid sharing private keys or sensitive information with unknown parties.
5. Stay Informed:
Keep yourself informed about common scam tactics and stay updated on the latest security practices in the cryptocurrency community.
Cryptocurrencies, with their promise of decentralized and inclusive ecosystems, have given rise to various trends, including airdrops. Airdrops involve distributing free tokens to holders of a specific cryptocurrency, often as a way to promote a new project. However, the increasing popularity of airdrops has also attracted scammers who orchestrate fake airdrops to deceive unsuspecting users.
Understanding Fake Airdrops:
1. Tempting Promises:
Fake airdrops typically make enticing promises, such as substantial token rewards or exclusive early access to a project. Scammers exploit the desire for quick gains to lure individuals into participating.
2.#Phishing Links:
Scammers often create fraudulent websites or social media accounts that mimic legitimate airdrop campaigns. Participants are directed to provide personal information or access their cryptocurrency wallets through phishing links.
Protecting Yourself from#FakeAirdrop :
1.Verify the Project:
Thoroughly research the project associated with the airdrop. Verify the team's credentials, check for a transparent whitepaper, and ensure the project has a legitimate online presence.
2. Be Skeptical of Requests for Funds:
Legitimate airdrops do not require participants to send cryptocurrency as a prerequisite. Any request for funds, even if small, should raise suspicions.
3. Use #OfficialChannels:
Access airdrop information only through official channels, such as the project's official website or reputable cryptocurrency forums. Be cautious of unsolicited messages on social media platforms.
4. Employ #SecureWallets :
Use secure and reputable cryptocurrency wallets. Avoid sharing private keys or sensitive information with unknown parties.
5. Stay Informed:
Keep yourself informed about common scam tactics and stay updated on the latest security practices in the cryptocurrency community.
🚨 Be wary of an X account impersonating API3, as it's causing community controversy and potentially hosting a phishing site for an airdrop scam. Stay vigilant, investors! 🕵️♂️ #API3 #Impersonation #Phishing #CryptoSecurity
🚨 Investors fell victim to a phishing scam through an imitation imToken website, resulting in approximately $1.8 million in damages. The affected wallet transferred 63 BTC to the attacker's wallet on the 13th. Always exercise caution and verify the legitimacy of websites and transactions to protect your assets. #CryptoScam #Phishing #CryptoFraud #Security 🚫🎣💰
TikTok scammers have once again surfaced, this time using the persona of Elon Musk to orchestrate a cryptocurrency theft scheme. This was reported by Bleeping Computer.
According to the publication, these fraudulent videos are being posted on TikTok hourly. In these videos, someone posing as Elon Musk purportedly gives interviews to major publications and encourages viewers to visit a specific website where a giveaway is supposedly taking place. Scammers have created hundreds of such pages, some masquerading as cryptocurrency exchanges.
Most of these videos promote websites with very similar domain names, including bitoxies com, Moonexio com, altgetxio com, cratopex com. Journalists from the publication investigated one of these giveaways: they created an account on the platform and entered the promo code provided in the TikTok video. After doing so, they were promised to receive Bitcoin in their account.
In the screenshot below, you can see that the wallet purportedly received 0.34 BTC (approximately $9,000). However, when the user attempted to withdraw the funds, they were initially asked to activate their account by depositing 0.005 BTC (around $132). Some websites also request KYC information, which cybercriminals could potentially use to compromise other legitimate accounts.
As a reminder, on September 10th, unknown individuals gained control of Vitalik Buterin's X-account and posted a phishing scam message. The estimated damage exceeded $691,000. Vitalik Buterin himself clarified that the scammers had swapped his SIM card.
#TikTokScam #ElonMusk #CryptocurrencyScam #Phishing #CryptoSecurity
According to the publication, these fraudulent videos are being posted on TikTok hourly. In these videos, someone posing as Elon Musk purportedly gives interviews to major publications and encourages viewers to visit a specific website where a giveaway is supposedly taking place. Scammers have created hundreds of such pages, some masquerading as cryptocurrency exchanges.
Most of these videos promote websites with very similar domain names, including bitoxies com, Moonexio com, altgetxio com, cratopex com. Journalists from the publication investigated one of these giveaways: they created an account on the platform and entered the promo code provided in the TikTok video. After doing so, they were promised to receive Bitcoin in their account.
In the screenshot below, you can see that the wallet purportedly received 0.34 BTC (approximately $9,000). However, when the user attempted to withdraw the funds, they were initially asked to activate their account by depositing 0.005 BTC (around $132). Some websites also request KYC information, which cybercriminals could potentially use to compromise other legitimate accounts.
As a reminder, on September 10th, unknown individuals gained control of Vitalik Buterin's X-account and posted a phishing scam message. The estimated damage exceeded $691,000. Vitalik Buterin himself clarified that the scammers had swapped his SIM card.
#TikTokScam #ElonMusk #CryptocurrencyScam #Phishing #CryptoSecurity
The Importance of 2FA
Two-factor authentication (2FA) is a critical security measure designed to enhance the protection of online accounts and sensitive information. It adds an additional layer of #Security beyond traditional passwords, making it significantly harder for unauthorized individuals to gain access to your accounts. The importance of 2FA stems from the following key reasons:
Enhanced Security: 2FA significantly reduces the risk of unauthorized access to your accounts. Even if someone manages to obtain or guess your password, they would still need the second factor (e.g., a one-time code, biometric data, or a hardware token) to successfully log in. This multi-layered approach ensures that even if one factor is compromised, the account remains secure.
Protection Against Phishing: #Phishing attacks involve tricking users into divulging their passwords through deceptive websites or messages. With 2FA, even if you unknowingly provide your credentials to a phishing site, the attacker won't be able to access your account without the second authentication factor.
Mitigation of Password Vulnerabilities: Many people reuse #passwords across multiple accounts or choose weak passwords that are easily guessable. 2FA compensates for these common vulnerabilities by adding an extra barrier to entry.
Business Security: For businesses, 2FA is crucial for protecting sensitive company #data and preventing unauthorized access to employee accounts. It helps safeguard intellectual property, financial information, and other critical data.
Compliance Requirements: In some industries and regulatory frameworks, 2FA is a mandatory security requirement. Companies handling sensitive customer data or financial information may be obligated to implement 2FA as part of their security measures.
Peace of Mind: Knowing that your accounts are protected with an additional layer of security provides peace of mind, particularly in today's interconnected digital world, where cyber threats are becoming increasingly prevalent.
Mobile Device Security: With the widespread use of smartphones and mobile devices, 2FA has become more accessible. These devices can be used as a second factor, adding an extra level of protection to your accounts on the go.
Preventing Unauthorized Access to Personal Information: Many online services, including email, banking, and social media, contain a wealth of personal information. 2FA helps prevent unauthorized individuals from accessing and misusing this data.
Data Breach Damage Limitation: In the unfortunate event of a data breach where passwords are compromised, having 2FA in place can limit the damage by making it much harder for attackers to exploit the stolen credentials.
In summary, 2FA is a crucial security measure that offers numerous benefits for individuals, businesses, and organizations alike. It provides a robust defense against various cyber threats, adds an #extra layer of protection to sensitive information, and ensures a safer online experience for users. Implementing 2FA should be a priority for anyone concerned about their digital security.
Enhanced Security: 2FA significantly reduces the risk of unauthorized access to your accounts. Even if someone manages to obtain or guess your password, they would still need the second factor (e.g., a one-time code, biometric data, or a hardware token) to successfully log in. This multi-layered approach ensures that even if one factor is compromised, the account remains secure.
Protection Against Phishing: #Phishing attacks involve tricking users into divulging their passwords through deceptive websites or messages. With 2FA, even if you unknowingly provide your credentials to a phishing site, the attacker won't be able to access your account without the second authentication factor.
Mitigation of Password Vulnerabilities: Many people reuse #passwords across multiple accounts or choose weak passwords that are easily guessable. 2FA compensates for these common vulnerabilities by adding an extra barrier to entry.
Business Security: For businesses, 2FA is crucial for protecting sensitive company #data and preventing unauthorized access to employee accounts. It helps safeguard intellectual property, financial information, and other critical data.
Compliance Requirements: In some industries and regulatory frameworks, 2FA is a mandatory security requirement. Companies handling sensitive customer data or financial information may be obligated to implement 2FA as part of their security measures.
Peace of Mind: Knowing that your accounts are protected with an additional layer of security provides peace of mind, particularly in today's interconnected digital world, where cyber threats are becoming increasingly prevalent.
Mobile Device Security: With the widespread use of smartphones and mobile devices, 2FA has become more accessible. These devices can be used as a second factor, adding an extra level of protection to your accounts on the go.
Preventing Unauthorized Access to Personal Information: Many online services, including email, banking, and social media, contain a wealth of personal information. 2FA helps prevent unauthorized individuals from accessing and misusing this data.
Data Breach Damage Limitation: In the unfortunate event of a data breach where passwords are compromised, having 2FA in place can limit the damage by making it much harder for attackers to exploit the stolen credentials.
In summary, 2FA is a crucial security measure that offers numerous benefits for individuals, businesses, and organizations alike. It provides a robust defense against various cyber threats, adds an #extra layer of protection to sensitive information, and ensures a safer online experience for users. Implementing 2FA should be a priority for anyone concerned about their digital security.
Zero transfer scammer steals $20M USDT, gets blacklisted by Tether
Zero transfer scams are becoming prominent in the crypto ecosystem, with over $40 million stolen in 2023.
A scammer using zero transfer phishing attack managed to steal $20 million worth of Tether USDT on Aug. 1 before getting blacklisted by the stablecoin’s issuer Tether.
According to an update from on-chain analytic firm PeckShield, A zero transfer scammer grabbed 20 million USDT from the victim address 0x4071...9Cbc. The intended address that the victim planned to send money to was 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570; however, it was sent to a phishing address instead: 0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570.
The zero transfer phishing scam. Source: Etherscan
The victim’s wallet address first received $10 million from a Binance account. The victim then sent it to another address before the scammer jumped in. The scammer then sent a fake Zero USDT token transfer from the victim’s account to the phishing address. A few hours later, the victim sent 20 million USDT to the scammer, thinking they were transferring it to their desired address.
The wallet was immediately frozen by USDT issuer Tether, which raised eyebrows at the speedy nature of the action.
Users generally check the first or last five digits of a wallet address, not the whole address, leading them to send the assets to a phishing address. The victim is tricked into sending a transaction for zero tokens from their wallet to an address that resembles one to which they have already sent tokens before.
For instance, if the victim sent 100 coins to an address for an exchange deposit, the attacker might send 0 coins from the victim’s wallet to an address that appears similar but is controlled by the attacker. Upon viewing this transaction in their transaction history, the victim might assume that the address displayed is the proper deposit address and send their coins to the phishing address.
Zero transfer phishing scams have become quite prominent in the crypto ecosystem over the past year, with multiple instances coming to light. One of the first instances of a zero transfer scam occurred in December 2022, with over $40 million in losses to such attacks since.
#blockchain
#Cryptocurrencies
#Phishing
#Ethereum
#Scams
A scammer using zero transfer phishing attack managed to steal $20 million worth of Tether USDT on Aug. 1 before getting blacklisted by the stablecoin’s issuer Tether.
According to an update from on-chain analytic firm PeckShield, A zero transfer scammer grabbed 20 million USDT from the victim address 0x4071...9Cbc. The intended address that the victim planned to send money to was 0xa7B4BAC8f0f9692e56750aEFB5f6cB5516E90570; however, it was sent to a phishing address instead: 0xa7Bf48749D2E4aA29e3209879956b9bAa9E90570.
The zero transfer phishing scam. Source: Etherscan
The victim’s wallet address first received $10 million from a Binance account. The victim then sent it to another address before the scammer jumped in. The scammer then sent a fake Zero USDT token transfer from the victim’s account to the phishing address. A few hours later, the victim sent 20 million USDT to the scammer, thinking they were transferring it to their desired address.
The wallet was immediately frozen by USDT issuer Tether, which raised eyebrows at the speedy nature of the action.
Users generally check the first or last five digits of a wallet address, not the whole address, leading them to send the assets to a phishing address. The victim is tricked into sending a transaction for zero tokens from their wallet to an address that resembles one to which they have already sent tokens before.
For instance, if the victim sent 100 coins to an address for an exchange deposit, the attacker might send 0 coins from the victim’s wallet to an address that appears similar but is controlled by the attacker. Upon viewing this transaction in their transaction history, the victim might assume that the address displayed is the proper deposit address and send their coins to the phishing address.
Zero transfer phishing scams have become quite prominent in the crypto ecosystem over the past year, with multiple instances coming to light. One of the first instances of a zero transfer scam occurred in December 2022, with over $40 million in losses to such attacks since.
#blockchain
#Cryptocurrencies
#Phishing
#Ethereum
#Scams
- #Aribirtum #platform experiences significant phishing scam causing substantial user losses.
- User loses $112,000 worth of #STG due to an #ERC20 Approval phishing attack.
- Victim reportedly signed an "increaseAllowance" deal, leading to the large loss.
- #Phishing attacks are a persistent concern in the crypto space.
- Incident highlights the need for caution when authorizing transactions and granting permissions.
- Users should verify platform authenticity and scrutinize requests before approval.
- Raising awareness and educating users about security best practices is crucial.
- Continuous monitoring for threats and following safety measures are essential to safeguard assets and mitigate risks.
$STG $BTC $BNB
- User loses $112,000 worth of #STG due to an #ERC20 Approval phishing attack.
- Victim reportedly signed an "increaseAllowance" deal, leading to the large loss.
- #Phishing attacks are a persistent concern in the crypto space.
- Incident highlights the need for caution when authorizing transactions and granting permissions.
- Users should verify platform authenticity and scrutinize requests before approval.
- Raising awareness and educating users about security best practices is crucial.
- Continuous monitoring for threats and following safety measures are essential to safeguard assets and mitigate risks.
$STG $BTC $BNB