Surviving a Spear-Phish Attack
In the second installment of our “Protecting Your Crypto” series, we explore phishing and spear-phishing attacks. Phishing is a cyberattack where an ill-intentioned person poses as a legitimate and reputable business that tricks people into sending the hacker their personal information, usually from a fraudulent link, email attachment, or website. Sensitive information that hackers target includes usernames, passwords, and credit card information.
Phishing is considered a social engineering attack because it uses psychological manipulation and relies on human error to get users to share their personal information unknowingly. Phishing attacks most often come in the form of fraudulent emails that fool the user into divulging their personal information on a fake website. The attacks typically ask that the user to confirm their credit card information or to reset their password on a fraudulent website that looks and operates like the real website of a company the user is familiar with.
Phishing attacks have been used in the cryptocurrency space to steal bitcoin and other cryptocurrencies. Most often, these attacks involve a user on a fraudulent website a hacker has set up using their own wallet address. Users on the site think that they are paying for legitimate products and services, but the purchases they make end up in the hacker’s wallet instead.
Spear-phishing takes the fraudulent activity to the next level by targeting a specific organization or profiling a particular person. In a spear-phishing attack, the hacker collects information about their victim, often from social media platforms. Using the information collected about the victim, hackers construct a personalized message aimed at getting the user to click or download on a file infected with malware or to visit a fraudulent website.
According to CipherTrace, thefts, scams, and other fraudulent activity resulted in losses exceeding $4 billion in 2019. In a recent example, Coinbase agreed to transfer $815,744 back to a victim of a spear-phishing campaign. The attack used a fraudulent email account from a company the user had been investing in. In total 80 Bitcoin were stolen, 60 BTC were sent to a digital wallet on Coinbase while the other 20 were sent to local exchanges.
Spear phishing attacks are not limited to individual hackers, national governments have also been conducting high-profile spear-phishing campaigns in recent years. The North Korean government has a well-known cyber-attack group known as Lazarus, which now targets cryptocurrency exchanges. In 2018, SecureList reported that Lazarus has been using a fake company with a backdoor product aimed at cryptocurrency businesses. The SecureList article explains that financial gain and cyber-related espionage are two of Lazarus’s main goals while its tactics, techniques, and procedures have consistently improved and evolved to avoid detection.
How to Prevent Spear Phishing
There are several things a user can do to protect themselves from spear phishing. These include,
• Using common sense, sound judgment, and critical thinking about the emails that they receive. When someone suspects that an email is suspicious it is highly recommended that they contact the person or organization sending the email through a different means then replying to the email, downloading an attachment or visiting a website.
• Users can double-check the credentials of the person or organization sending the email by searching the sender’s email address and content contained in the email on a search engine to see if there are any records or other people who have identified the email as a scam.
• Users should look for red flags such as grammatical errors, misspellings, unusual characters, and irregularities.
• Checking the URL address by hovering over the link without clicking it to check if it uses HTTPS versus HTTP, identifying that it is a secure website.
• Never share private keys to cryptocurrency accounts and wallets. Users should make an effort to determine if a product or service is from a legitimate seller. Unlike credit cards, there is no mechanism to dispute a transaction if a product never arrives or if a service is never performed.
Be sure to check out our next blog in the “Protecting Your Crypto” series where we investigate the growing problem of SIM-swapping.
If you are based in Canada and looking for a Canadian Bitcoin exchange, then take a look at NDAX. NDAX is an easy-to-use, beginner-friendly exchange that can give you easy access to trade Bitcoin and other cryptocurrencies like Ethereum, Ripple, Litecoin, Cardano, Dogecoin, EOS and Stellar.