FBI Issues A Warning To Users Of Crypto Currency Apps

Uploaded on 2022-07-25 in GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Financial, NEWS-Cybersecurity News

Cyber criminals are creating fake crypto currency investment apps designed to defraud US investors and exploit investment firms, says the FBI in a warning.

The criminals, who present themselves as legitimate investment firms and crypto currency exchanges, have stolen tens of millions of dollars from more than 200 people by convincing them to download mobile apps and deposit crypto currency into wallets owned by the perpetrators.

The FBI advisory says that these cyber criminals have been convincing US investors to download fake apps, thus leading to financial losses of $42.7 million from 244 victims. “The FBI encourages financial institutions and their customers who suspect they have been defrauded through fake cryptocurrency investment apps to contact the FBI via the Internet Crime Complaint Center or their local FBI field office.”

Some of the apps copy the names, logos, and information of legitimate crypto currency trading and investing platforms. Criminals are both targeting investors and the reputations of the legitimate firms themselves. and were successful in scamming 28 investors out of a combined $3.7 million by using an app to masquerade as a legitimate financial institution. 

When some of the targeted individuals tried to withdraw funds that had previously been deposited into wallets located in the app, an email notice told them that they had to pay taxes on the investments. Even after completing the required payment, the funds were still not available.

In another series of scams that occurred between October 2021 and May 2022, cyber criminals used a company named YiBit1 to steal around $5.5 million from at least four people. The victims were instructed to download a YiBit app and deposit crypto currency into wallets associated with their accounts. Several of the investors received an email telling them that they had to pay taxes on their investments before they could withdraw any funds. The four victims who did so were unable to withdraw funds using the app.

While cyber criminals have long relied on crypto currency as a means of financial extortion, they are increasingly turning their attention to targeting crypto wallets and Blockchain bridges, tools that enable users to transfer their crypto assets from one blockchain to another. The FBI recommends investors take the following precautions: 

  • Be wary of unsolicited requests to download investment applications, especially from individuals you have not met in person or whose identity you have not verified. Take steps to verify an individual’s identity before providing them with personal information or relying on their investment advice. 
  • Verify an app is legitimate before downloading it by confirming the company offering the app actually exists, identifying whether the company or app has a website, and ensuring any financial disclosures or documents are tailored to the app’s purpose and the proposed financial activity. 
  • Treat applications with limited and/or broken functionality with skepticism. 

Investors should be careful about which platforms they trust with their funds, and ensure that the sites and apps they use are legitimate.

IC3:   Techrepublic:    The Hacker News:   The Record:   Techcrunch:   The Register:   TechcrunchOodlaoop:

You Might Also Read: 

Chainalysis Crypto Theft Hotline:

 

« Google & Oracle Turn Off Servers In The Heatwave
Lives Are At Stake As More US Hospitals Are Hacked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Certes

Certes

Certes is a pioneer in delivering cutting-edge security technology solutions, with a specific focus on Data Protection Risk Mitigation (DPRM).

Cyber Aware

Cyber Aware

Cyber Aware aims to drive behaviour change amongst small businesses and individuals, so that they adopt simple secure online behaviours.

CyberGuarded

CyberGuarded

CyberGuarded are an accredited vendor independent information security testing and auditing company.

Axonius

Axonius

Axonius is the only solution that offers a unified view of all assets and their coverage, empowering customers to take action to enforce their organization’s security policies.

Assertion

Assertion

Assertion secures your collaboration (UC/CC) systems from cyber risks. Enforcing the right set of controls and monitoring them continually brings down risk to acceptable levels.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

RUSCADASEC

RUSCADASEC

RUSCADASEC is an independent non-profit initiative on developing the open Russian-speaking international community of industrial cyber security/ICS/SCADA cyber security professionals.

Mjenzi Cloud

Mjenzi Cloud

Mjenzi Cloud is a provider of cloud IaaS solutions including managed backup services, affordable & secure cloud virtual compute/storage/compute services, bare-metal services and cloud security.

Cigent Technology

Cigent Technology

Cigent keeps the most valuable asset in your organization safe—your data. Our advanced endpoint and managed network security solutions prevent ransomware and data theft.

Centre for Cyber Security Research and Innovation (CSRI) - Deakin University

Centre for Cyber Security Research and Innovation (CSRI) - Deakin University

CSRI solves the cyber security threats of tomorrow, today. We work with industry and government leaders on innovative research that has real-world impact.

Triaxiom Security

Triaxiom Security

Triaxiom Security offers penetration testing, security audits, and strategic consulting customized to meet your needs.

Emtec

Emtec

Emtec’s cyber security team provides advisory, assessment, & managed security services that help you build the cyber security policies, toolsets & best practices to elevate your cyber security posture

Airiam

Airiam

Airiam provides cybersecurity, managed IT, consulting, incident response, and digital transformation services so you can focus on what matters most.

CampusGuard

CampusGuard

CampusGuard focuses on the cybersecurity and compliance needs of campus-based organizations including higher education, healthcare, and state and local government.

Haiku

Haiku

Haiku stands at the forefront of cybersecurity upskilling, leveraging video games to immerse you in a flow state for accelerated, enduring learning.

True North Solutions

True North Solutions

True North Solutions provides a wide range of fully customized, vendor-neutral industrial engineering and OT automation solutions to companies across North America and around the world.