Kaspersky Lab has estimated that cybercriminals pocketed more than $2.3 million from cryptocurrency scams from April to Jun 2018.
In its ‘Spam and Phishing in Q2 2018’ report, the company said that malefactors actively used GDPR, World Cup, and cryptocurrency themes, and links to malicious websites, as well as in marketing messages served by large search engines, in the second quarter.
According to the report, Kaspersky’s antiphishing system prevented 58,000 user attempts to connect to phishing websites masquerading as popular cryptocurrency wallets and markets.
Furthermore, in addition to classic phishing, cybercriminals are devising new methods to entice a victim to willingly send them cryptocurrency. Two popular tactics are cryptocoin giveaways and exploiting the names of new ICO projects to raise funds from potential investors that are trying to gain early access to new tokens.
“Using these two tricks, Kaspersky Lab estimates that intruders earned more than $2.3 million, even without taking into account any revenues from classic phishing schemes,” Kaspersky Lab said.
Other key findings of the report are:
- Ethereum (ETH) is currently the most popular cryptocurrency with phishers.
- The popularity of Ethereum with cybercriminals increases as more funds are attracted by ICOs on the Ethereum platform.
- Over the Q2 2018, cybercriminals exploiting ICOs managed to make $2,329,317 (end-of-July-2018 exchange rate), traditional phishing not included.
“The permanence of attacks targeting financial organizations reflects the fact that more and more people are using electronic money,” said Nadezhda Demidova, lead web content analyst, Kaspersky Lab. “Still, not all of them are sufficiently aware of the possible risks, so intruders are actively trying to steal sensitive information through phishing.”