Cryptocurrency has been a hot topic for some time, and cybercriminals continue to find ways to scam users out of their investments. Kingston Police have shared details on a new scam that involves digital wallets, where cryptocurrency is usually stored.
According to a release from Kingston Police, most cryptocurrency exchanges require users to have an additional authentication method, such as a recovery phrase, to access their digital wallet. Cybercriminals use social engineering to try to bypass this added authentication and steal the currency.
“In a new scam, cybercriminals send you an email pretending to be a cryptocurrency exchange representative,” Kingston Police said. “This email states that you need to provide information to receive a refund due to an issue with your account. To receive this refund, this email asks you to click a link and enter your recovery phrase. If you click the link and provide this information, cybercriminals can use it to reset your password and prevent you from accessing your account. Then, they can transfer your currency to their own accounts.”
Kingston Police provided the following tips to stay safe from similar scams:
- Always be cautious of unexpected emails. While this attack targets cryptocurrency wallets, similar emails could be used to gain access to any account that uses additional authentication methods.
- Watch out for messages that offer refunds or special promotions that seem too good to be true. Phishing attacks rely on impulsive actions, so always think before you click.
- Never provide sensitive information through email. If you receive an email claiming that you have an account issue, always log in to the organization’s website directly to verify the claim.