The Internet, but especially the crypto world, are fertile ground for the growth of frauds and scams. Therefore, it is vital to be prepared and informed to prevent the different frauds we can be victims of. Do you think it won’t happen to you? Believe me 99% of those who have been scammed thought the same thing.
Today we will talk about one of the most common frauds, because of its simplicity to be executed by the attacker and because of the great results obtained by the fraudsters in doing so. Impersonation fraud is a scam in which, generally, an attacker creates a fake profile of another person (famous businessmen, influential people, well-known companies, etc.) in order to execute deceptive practices to their victims.
There are many strategies for executing a successful phishing attack and, with each passing day, attackers invent new ones. But the biggest difference between a spoofing attack and the others is that this is a deception that is carried out through psychological manipulation and not so much through software and hardware as many other attacks.
Cybercriminals often attempt to steal credit card details, passwords, bank account details and other credentials from victims. Once they manage to trick their victims into obtaining that information, they use it for malicious purposes such as stealing money, hacking or may even sell the information to other cybercriminals in informal marketplaces such as the Deep Web.
In short, this is how a phishing attack usually works:
1- The attacker creates a fake profile of another recognized person.
2- It contacts its victims and tries to deceive them under the guise of a trustworthy person or company.
3- Through different techniques of psychological manipulation, they manage to obtain personal data from the victim ( ex. credit card data).
4- Use that data to steal money or to sell it to other cybercriminals.
Cybercriminals often seek victims in the emerging world of cryptocurrencies, trying to take advantage of the lack of knowledge of many new users. From Bitnovo we fight daily with many attackers try to impersonate the identity of our company or our employees for malicious purposes. Here are some examples:
In the images you can see how a fake Bitnovo profile comments on our Facebook posts, enticing users to send between 1 and 5 ETH with the promise of triple the amount sent back to the requested address. Even other fake profiles comment on the post saying that it worked for them to reinforce the deception of the victims.
In this case a fake profile of our founder, Marcos Muñoz, offers himself on Telegram as an agent and administrator of commercial accounts.
In recent weeks we have seen a large growth of these fake profiles pretending to be Bitnovo or members of our team. Therefore, we want to warn all our followers that under no circumstances we will actively contact them through any channel to offer you investment services.
In addition, we would like to recommend some best practices to avoid falling victim to this type of attack:
1- Limit the amount of personal information you share online.
2- Systematically refuse any email or message on social networks that asks you to provide personal data.
3- Always verify the source of information of your incoming emails or messages, especially when you notice any suspicious attitude.
4- Periodically review your online banking transactions and credit card statements.
5- If you believe you have been a victim of identity theft, notify your bank immediately, gather all possible evidence and report the scam to the police.