Criminals netted £7.5m from crypto scams last year

They typically use classical phishing techniques, but these often go beyond the traditional scenarios people are familiar with, the company said.

Some of the most popular targets are initial coin offering (ICO) investors. Cyber crooks create fake web pages that simulate the sites of official ICO projects, or try to gain access to their contacts so they can send a phishing email with the number of an e-wallet to send cryptocurrency to.

By exploiting the Switcheo ICO using a proposal for the free distribution of coins, criminals stole more than £19,000 worth of cryptocurrency after spreading the link through a fake Twitter account.

Another trend involves cryptocurrency giveaway scams. Fraudsters request victims send a small amount of cryptocurrency in exchange for a much larger payout of the same currency in the future. By creating fake accounts or replying to tweets from legitimate users through fake accounts, criminals are able to confuse Twitter users into falling for the scam by clicking on replies from fraudulent accounts.

“Our research has shown that cyber criminals are skilled in adapting their resources to accomplish the best results possible with cryptocurrency phishing,” says David Emm, Principal Security Researcher at Kaspersky Lab. “These new schemes of fraud stem from very simple social engineering tactics, and work to line the pockets of cyber criminals with millions of dollars.”

Kaspersky Lab recommends users check official sources for information regarding the free distribution of cryptocurrencies, whether any third parties are linked to the wallet transaction, and the hyperlink addresses and data in the browser address bar.