FBI Issues A Warning To Users Of Crypto Currency Apps

Cyber criminals are creating fake crypto currency investment apps designed to defraud US investors and exploit investment firms, says the FBI in a warning.

The criminals, who present themselves as legitimate investment firms and crypto currency exchanges, have stolen tens of millions of dollars from more than 200 people by convincing them to download mobile apps and deposit crypto currency into wallets owned by the perpetrators.

The FBI advisory says that these cyber criminals have been convincing US investors to download fake apps, thus leading to financial losses of $42.7 million from 244 victims. “The FBI encourages financial institutions and their customers who suspect they have been defrauded through fake cryptocurrency investment apps to contact the FBI via the Internet Crime Complaint Center or their local FBI field office.”

Some of the apps copy the names, logos, and information of legitimate crypto currency trading and investing platforms. Criminals are both targeting investors and the reputations of the legitimate firms themselves. and were successful in scamming 28 investors out of a combined $3.7 million by using an app to masquerade as a legitimate financial institution. 

When some of the targeted individuals tried to withdraw funds that had previously been deposited into wallets located in the app, an email notice told them that they had to pay taxes on the investments. Even after completing the required payment, the funds were still not available.

In another series of scams that occurred between October 2021 and May 2022, cyber criminals used a company named YiBit1 to steal around $5.5 million from at least four people. The victims were instructed to download a YiBit app and deposit crypto currency into wallets associated with their accounts. Several of the investors received an email telling them that they had to pay taxes on their investments before they could withdraw any funds. The four victims who did so were unable to withdraw funds using the app.

While cyber criminals have long relied on crypto currency as a means of financial extortion, they are increasingly turning their attention to targeting crypto wallets and Blockchain bridges, tools that enable users to transfer their crypto assets from one blockchain to another. The FBI recommends investors take the following precautions: 

  • Be wary of unsolicited requests to download investment applications, especially from individuals you have not met in person or whose identity you have not verified. Take steps to verify an individual’s identity before providing them with personal information or relying on their investment advice. 
  • Verify an app is legitimate before downloading it by confirming the company offering the app actually exists, identifying whether the company or app has a website, and ensuring any financial disclosures or documents are tailored to the app’s purpose and the proposed financial activity. 
  • Treat applications with limited and/or broken functionality with skepticism. 

Investors should be careful about which platforms they trust with their funds, and ensure that the sites and apps they use are legitimate.

IC3:   Techrepublic:    The Hacker News:   The Record:   Techcrunch:   The Register:   TechcrunchOodlaoop:

You Might Also Read: 

Chainalysis Crypto Theft Hotline:

 

« Google & Oracle Turn Off Servers In The Heatwave
Lives Are At Stake As More US Hospitals Are Hacked »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Promon

Promon

Promon is an application security vendor providing Self-Protection abilities to Mobile apps and Desktop applications.

aeCERT

aeCERT

aeCERT is the national Computer Emergency Response Team for the United Arab Emirates.

National Cybersecurity Institute (NCI) - Excelsior College

National Cybersecurity Institute (NCI) - Excelsior College

NCI is Excelsior College’s research center dedicated to assisting government, industry, military and academic sectors meet the challenges in cybersecurity policy, technology and education.

Fyde

Fyde

Fyde helps companies with an increasingly distributed workforce mitigate breach risk by enabling secure access to critical enterprise resources.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

H3Secure

H3Secure

H3 Secure focuses on Secure Data Erasure Solutions, Mobile Device Diagnostics and Information Technology Security Consulting.

The Legal 500

The Legal 500

The Legal 500 Hall of Fame highlights, to clients, the law firm partners who are at the pinnacle of the profession. Practice areas covered include Data Protection, Privacy and Cybersecurity.

AU10TIX

AU10TIX

AU10TIX’s smart forensic-level ID authentication technology links physical and digital identities, meets compliance mandates, and ensures your customers know their trust and safety come first.

SilverSky

SilverSky

SilverSky offers a comprehensive suite of products and services that deliver unprecedented simplicity and expertise for compliance and cybersecurity programs.

10dot Cloud Security

10dot Cloud Security

10dot Cloud Security is a security service management company. Our solutions give you contextualised visibility into your network security.

AutoSec

AutoSec

AutoSec supports the FFI program Electronics, Software and Communication by dissemination and exploitation of the results of projects related to automotive cybersecurity.

HLB Mann Judd (Fiji)

HLB Mann Judd (Fiji)

HLB Mann Judd (Fiji) (formerly known as HLB Crosbie & Associates) is a well-established firm of accountants and business advisers in Fiji.

Coffee Cup Solutions

Coffee Cup Solutions

We offer a full spectrum of IT Services, from our UK based Helpdesk to IT Consultancy and Cyber Security. Our team has the skills and experience to develop, deliver and manage IT for your business.

Anura

Anura

The world’s most accurate ad fraud solution protects your web assets by eliminating bots, malware and human fraud, ensuring your content is seen by real people.

Technoware Solutions

Technoware Solutions

Technoware Solutions is a global company committed to helping entities navigate the digital waters of modernizing their system processes in an ever changing cybersecurity landscape.

Robust Intelligence

Robust Intelligence

Robust Intelligence enables enterprises to secure their AI transformation with an automated solution to protect against security and safety threats.

Tyto Athene

Tyto Athene

At Tyto Athene, we harness the power of technology to provide solutions that shape the future.