Cryptocurrency scammers want to steal your coins as the holidays approach. How do you protect them?
To store large stocks of cryptocurrencies is better with the help of hardware wallets already familiar to us. Such devices isolate the owners’ private keys and do not shine them on the Internet, guaranteeing the protection of coins from hackers. However, the factor of human error exists even here – and fraudsters want to take advantage of it. Now it has become known about another way of scammers to steal someone else’s crypto.
Note that cryptocurrencies can be lost even if they are stored relatively correctly. Last week, we saw an example of this: Twitter user Anchor Drops reported the loss of 10 bitcoins for approximately one million dollars and the additional theft of expensive NFT for 1.5 million.
The investor kept the private keys to the addresses used with a Ledger Nano S hardware wallet, which he had not taken out for at least two months.
Ledger Nano S hardware wallet.
What was the reason for the hack? It turned out that the owner of the device signed a malicious transaction in early 2022. That is, all this time scammers had access to the contents of the victim’s wallet, but for some reason delayed the withdrawal. Well, now you can’t get your cryptocurrencies back.
The bad news doesn’t end there: scammers are still hunting for other people’s crypto.
How you can lose cryptocurrencies
Scammers have now activated the tactic of so-called spoofing, when they impersonate someone else. In this case, we are talking about allegedly supporting hardware wallet manufacturer Ledger.
The scammers send emails to cryptocurrency users with a message about the company’s alleged data leak. In this regard, the attackers ask potential victims to go to the specified website and enter their cid phrase to verify digital assets.
Example of a cid-phrase in blockchain
As a reminder, a cid-phrase is a unique combination of 12, 18 or 24 words from the so-called BIP39 list. This combination is a universal tool to access private keys from the user's used addresses. So if you disclose the syd to someone, it will most likely end with the withdrawal of all cryptocurrencies from the victim's wallet.
The trick is that the scammers somehow used an email address that matches Ledger’s real address. As the experts at BleepingComputer point out, the sending took place via an email marketing platform, which means that the French manufacturer’s box was not hacked after all.
Here’s an example of the scammers’ email.
A scam email from attackers posing as Ledger employees
When clicking on the link, the victim gets to a website, the style of which is similar to Ledger. Well, the platform immediately offers to “authenticate the device” by entering a cid phrase from it. According to the scammers, this will supposedly allow them to check if the hardware wallet has been compromised.
A scam site that wants to scam Ledger hardware wallet users
Ledger representatives have responded to what’s going on. Here’s a quote from the company’s Twitter feed, as quoted by Cointelegraph.
Alas, online scammers have become a part of our lives and no one is immune to their activity. At Ledger, we have created technologies that protect your cryptocurrency and private keys regardless of external threats. Ledger devices are designed to keep your assets safe and completely under control – and always.
We have repeatedly strengthened our systems to meet the highest security standards in a world where everything is becoming more connected.
It’s important to remember: Ledger will never call, private message or ask for your 24-word recovery phrase. If someone does that – you have a scammer in front of you. Be careful and keep your cryptocurrencies safe.
😈 MORE INTERESTING THINGS CAN BE FOUND IN OUR YANDEX.ZEN!
What the employees have said is really enough to protect your digital assets. It is important to realise that your cid phrase allows you to dispose of all coins on your wallets. Therefore, if you disclose it – under one pretext or another – it won’t end well.
Hence the clear conclusion: cryptocurrency wallet users should ignore any offers to name or enter their recovery phrase. This is asked only by scammers who want to get hold of other people’s assets.
It should be noted that such emails come to Ledger users for a reason. In 2020, the company's marketing partner became a victim of hacking, which made the data of the giant's device buyers, such as Email addresses and phone numbers, publicly available.
.
Cryptocurrency scammers
That said, the fight against cryptocurrency criminals continues. For example, the US Treasury Department imposed sanctions against individuals who laundered digital assets for the sake of further financing of the North Korean regime.
We are talking about two Chinese citizens Lu Huain and Zhang Jian. According to the Treasury Department’s Office of Foreign Assets Control (OFAC), they facilitated money laundering through digital assets as part of a large-scale illicit network led by Sim Hyun Sop of North Korea’s banking sector.
In doing so, Lu and Zhang worked for UAE-based Green Alpine Trading, which was a major component in the overall scheme to launder capital. Here is a quote on the matter, as cited by The Block.
The DPRK continues to use agents and intermediaries to gain access to the international financial system. This is necessary to conduct illicit financial transactions, including fraudulent IT activities, digital asset theft and money laundering, to support the state’s illicit weapons of mass destruction and ballistic missile programmes.
Cryptocurrency scammers
Protecting and safeguarding your coins is not as difficult as it may seem. Ideally, you should realise the importance of the cid phrase and understand the consequences of its possible disclosure. And then ignoring all sorts of scammer attempts to get to your coins will be much easier.
.
Come join our crypto chat room. And preferably quickly.
SUBSCRIBE TO OUR CHANNEL IN TELEGRAM TO BE INFORMED.
Related posts
