Fraud scenario based on crypto-asstes trading platforms
June 16, 2023
This is an alert on a new fraud scenario related to cryptocurrency trading platforms.
Attackers may contact you pretending to be representatives of a known crypto-asset platform to get you to:
- provide them confidential data related to payments, such as your card data, access passwords to Internet/Mobile Banking and/or 3D Secure applications, unique payment codes received via SMS (OTP codes – One Time Password), etc.
- install on your mobile phone applications that allow third parties to remotely access your device (for example, the AnyDesk application).
The attackers propose to you to become "clients" - users of the trading platform, or, if you are already a client, to communicate to you the profit registered as a result of your trading activity on that platform.
Two situations were identified:
-
Under the pretext of advising them how to make big profits with small investments(note: you should always be wary of an offer that is too good to be true), the attackers manage to convince their victims to invest in cryptoassets and guide them through the phone call:
- to install a crypto-asset trading application and a "remote control" application (for example, AnyDesk) on their own device;
- to open an account on that platform and initiate crypto-asset purchase operations with the aim of connecting within the application with the victim's payment instrument and allowing subsequent payments to be initiated within the platform with that payment instrument, without additional authorization being required;
- transmit information regarding OTP codes or other authentication elements.
- Under the pretext of withdrawing the profit registered as a result of trading activity on the crypto-asset platform, victims are manipulated into providing sensitive payment data, such as card data, access passwords to Internet/Mobile Banking and/or 3D Secure applications, unique payment codes received by SMS (OTP codes) etc. The data can be requested either during the phone call with the attacker, or through a link sent to the client via a message.
Thus, the attackers gain access to the victims' payment accounts and subsequently act on their behalf, i.e. perform payment operations from their accounts.
To protect yourself against such attacks, we recommend that you do not share with anyone your card data (name, surname, card number, CVV2/CVC2 code, PIN, etc.), access passwords to Internet/Mobile Banking and 3D Secure applications, unique payment codes received via SMS, any other personal identification data or security information, all of which are confidential.
At the same time, we recommended:
- do not install applications from unknown sources and uncertified programs;
- do not enter links received from unknown persons or through unsolicited e-mails;
- install a good and up-to-date antivirus program;
- keep your operating system up to date.